PDA

View Full Version : SSL配置详解

roronoa
08-08-06, 03:14 PM
SSL配置图文攻略。
roronoa
08-08-06, 03:26 PM
自己顶下。。。。。。
ybylg
08-08-06, 04:22 PM
顶一下!!!!!!~~~~
aku1
08-08-06, 05:06 PM
之前我也成功配置过,过程有点复杂,还是建议大家看ca红皮书里面讲的很详细还包括其它实用的(我觉企业内部做https不是很有用,之前记得有本书说启用https服务器性能下降5-10%,没有真正实践
Overview - The Domino Server-based Certification Authority ......................................... 3
Option One - Migrating a Domino certifier to the CA process .......................................... 4
Loading the CA Process after Migration ............................................................................ 7
How to use the CA Process to Register Users .................................................................... 9
Common Errors that Occur using the CA Process............................................................ 11
Option Two - Creating an Internet Certifier with the CA process.................................... 13
Setting up the Certification Requests Database ................................................................ 17
Setting up the Key Ring and Merging the Internet Certificate ......................................... 19
Manually Processing Requests ......................................................................................... 22
Configuring the HTTP Server for SSL............................................................................. 27
Installing the Client Certificate for SSL ........................................................................... 32
Testing the Client Certificate ............................................................................................ 38
Option Three - Migrating an R5 Internet Certifier to the CA Process.............................. 40
Option Four – Using the CA Process with S/MIME ........................................................ 43
Administration of the CA Process .................................................................................... 46
Overview – Administrator Roles ...................................................................................... 48
CA Commands.................................................................................................................. 49
Adding Administrators to a Certificate............................................................................. 51
Disabling a Certifier.......................................................................................................... 52
Enabling a Certifier........................................................................................................... 53
Revoking a Certificate ...................................................................................................... 54
Removing a Certifier from the CA Process ...................................................................... 57
Administration Tips .......................................................................................................... 58
Encrypting the Certifier ID ............................................................................................... 59
Removing Passwords for Certifier Activation.................................................................. 62
Renaming the ICL Database ............................................................................................. 64
Confirming a CRL has run using the CA Process ............................................................ 65
Confirming Certificate Revocation................................................................................... 66
Creating a Local Copy of the Certifier ID ........................................................................ 67
Recovering a Certifier....................................................................................................... 68
Self-service resources on the web:....................................................................................

[ 本帖最后由 aku1 于 2006-8-8 05:14 PM 编辑 ]
aku1
08-08-06, 05:09 PM
谁要这本书电子版,声明积分要达100才行,其它兄弟先积累下在深入,谢谢
yuanwq
08-08-06, 06:44 PM
ssl是鸡肋,不要也罢。我刚才写了好多字准备带个附件发表帖子,却出错了,不想再写一遍
长颈叔叔
08-08-06, 08:15 PM
SSL最大的好处是在客户端和服务器中间的数据有加密,不用担心中间被拦截,相对会比较安全。

当然如果用户的电脑中了木马,在没有通过SSL之前数据已经被截取,则是否有SSL也是途劳。
Rocky
10-08-06, 11:54 AM
顶~~!!
好东西。
hanjun
11-08-06, 11:00 AM
不错,收藏一下,呵呵
ricocry
14-08-06, 10:54 PM
最近配置domino ssl,sametime ssl,portal 6 ssl,一个比一个痛苦,都快把我给折腾疯了。
steffens
07-12-06, 04:08 PM
谢谢楼主分享,收藏了。
postyin
06-06-07, 12:47 AM
想问下,最近配了个domino7服务器,用web方式登陆后,在惯用选项里的安全性想更改口令,弹出下图,是不是就是SSL没配置好啊?4707