This document addresses only how to acquire and verify a M.I.T. Server Certificate. This is not a tutorial on x509 certificates.
| Panel |
|---|
| indent |
|---|
{color:red}*WARNING:*
*Many systems that accept certificates treat the information within the certificate as case sensitive. Please make sure that all of your requests use lower case servernames. In particular, if your certifcate has an upper case server name in it, it will fail when used with MIT Touchstone.*[{color]}\\
|
|
PREREQUISITES
Before you begin, you must have the following:
...
| Panel |
|---|
| indent |
|---|
* Create a directory which will be used to for generating the certificate request.\\
* cd to the newly created directory.\\
* Execute the following command:\\
\\
*openssl genrsa 10242048 > {color:blue}servername{color}-key.pem*\\
\\
where {color:blue}servername{color} matches the name of the server that the final certificate will apply to (e.g. if the server is going to be *foo.mit.edu*, then this file would be foo-key.pem).\\
\\
{color:blue}servername{color}\-key.pem is the server certificate's private key. Do *not* loose this key. Store it in a safe and secure location.\\
|
|
...