Changes between Version 6 and Version 7 of IamProjectCerts

Timestamp:

10/05/11 09:53:39 (13 years ago)

Author:

jpmitchell@…

Comment:

--

IamProjectCerts

@@ -13 +13 @@
 ||iam.alaska.edu||!InCommon||IAM Wiki||Iron, Inner||2013/06/06||
 
-* Quick SSL Cert Check How To:
- 1. Get subject, issuer, and expiration date from a server.
+== Quick SSL Cert How Tos ==
+* Generate CSR and submit request to !InCommon Cert Service
+ 1. Generate CSR with OpenSSL
+{{{
+john@fearless:~/Documents/Security/Certs$ openssl req -new -newkey rsa:2048 -nodes -keyout idmq-2.alaska.edu.key -out idmq-2.alaska.edu.csr
+}}}
+ Use the following values:
+{{{
+OU = OIT Identity and Access Management
+O = University of Alaska Statewide System
+L = Fairbanks
+ST = AK
+C = US
+CN=somehost.alaska.edu/emailAddress=iam@alaska.edu
+}}}
+ 2. Submit CSR[[br]]
+ https://cert-manager.com/customer/InCommon/ssl?action=enroll
+ 3. Use IAM credentials for submission
+ 
+
+* Get subject, issuer, and expiration date from a server.
 {{{
 john@fearless:~$ openssl s_client -host idp.alaska.edu -port 443 2>&1 | openssl x509 -subject -issuer -enddate | head -n 3
@@ -21 +40 @@
 notAfter=Sep 11 23:59:59 2013 GMT
 }}}
- 2. Verify certificate chain with CA root public cert:
+* Verify certificate chain with CA root public cert:
 {{{
 john@fearless:~$ openssl s_client -CAfile /home/john/Desktop/AddTrustExternalCARoot.crt -showcerts -verify 5 -host idp.alaska.edu -port 443