close Warning: Error with navigation contributor "AccountModule"

Changes between Version 3 and Version 4 of CertificateDiscussion


Ignore:
Timestamp:
Nov 6, 2012, 6:48:43 PM (6 years ago)
Author:
Pete Jalajas
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • CertificateDiscussion

    v3 v4  
    2121./roots/serverCA.srl
    2222./servers/<ServerNickName>-cert.pem    <-- the actual certificate issued to each client. Clients generate a key and CSR locally, send the CSR to the CA, which signs it (producing this certificate file as output) and returns it.
     23
    2324* serverCA.pem, serverRootKey.pem, serverRootCSR.pem, serverCA.srl: as above but for servers. Clients require that any server which they connect to, presents a certificate signed by serverCA.pem. All clients must have a copy of serverCA.pem to verify this.
    2425}}}
    25 Maybe someone can explain each of those files for us?
     26* Maybe someone can explain each of those files for us?
    26271. Set up the internet-connected Server machine (install boxbackup-server, run raidfile-config, bbstored-config).  Send -csr.pem to CA.
    27281. On the CA, sign the Server -csr.pem (bbstored-certs ca sign-server).  Follow output instructions...(sorry I don't have them handy).
     
    3233TrustedCAsFile = /etc/boxbackup/bbstored/clientCA.pem                <-- CA root cert(?), from CA "bbstored-certs ca init"
    3334}}}
    34 I believe that's true; someone please check.
     35* I believe that's true; someone please check.
    3536
    3637Now you are ready to add one or more clients: