VBrick Systems ETV v3.1 manual Configuring for SSL, Generate a Certificate Request

Page 69

Chapter 4

Configuring for SSL

Overview

Whenever there is concern regarding confidentiality and integrity of data being sent between ETV Portal Server web server and external clients, the ETV Portal Server web server login page and all administration pages should be configured with a digital X.509 certificate to enable SSL encryption. Secure Sockets Layer (SSL) is a set of cryptographic technologies that provides secure communications. SSL can be used between client browsers and ETV Portal Server web server to create a secure communication channel. It should also be used between the ETV Portal Server and any LDAP directory server that is not Microsoft's Active Directory. Because the Portal Server software runs on a Windows 2000 or Windows 2003 server, the communication between the ETV Portal Server and Active Directory is automatically secured using Microsoft's security scheme.

However, communications between the ETV Portal Server and other LDAP directories is not automatically secured. Please refer to the LDAP server documentation for instructions on how to setup SSL between the ETV Portal Server server and the LDAP directory server.

TTo set-up SSL for client access to the ETV Portal Server web server:

1.Generate a Certificate Request

2.Submit a Certificate Request

3.Install the Certificate on the ETV Portal Server web server

4.Configure Resources to Require SSL Access

Generate a Certificate Request

If your company does not have an X.509 certificate, or does not have one for the ETV Portal Server web server, a new certificate request must first be created.

TTo generate a certificate request:

1.From the ETV Portal Server web server Macintosh, start the Microsoft Internet Information Service (IIS) Manager.

2.Expand the server name and select the web site for which the certificate will be installed.

3.Right-click the web site, and then click Properties.

4.Click the Directory Security tab.

5.Click the Server Certificate button within Secure communications to launch the Web Server Certificate Wizard.

6.Click Next on the welcome dialog box.

7.Click Create a New Certificate and then click Next.

If Create a New Certificate is unavailable, the certificate has probably been installed already. If that is the case, skip the rest of steps, and go to the Configure Resources to

ETV Portal Server Administrator Guide

61

Image 69

Contents VBrick EtherneTV Portal Server About VBrick Systems CopyrightContents Access Control Auto Content Ingestion Contents Font Conventions OrganizationPrinter-Friendly Related DocumentsDownloaded Components OverviewETV Portal Server MySQLDesktop Requirements Server RequirementsWindows PCs End User FeaturesAdditional ETV Components Administrative FeaturesEtherneTV Video-on-Demand Server EtherneTV-STB Set-Top BoxVBrick Encoders/Decoders Additional Portal Server ComponentsETV Network Video Recorder ETV Live Portal ServerLive Portal Server User Interface Portal Server License FilesLicense File Description License Errors Administrator Options Administrator LoginOption Description Global Assignments Global SettingsFunction Description Only be done if advised by a VBrick technician or Network Custom Fields Customize Streams Add Link Add/Modify Video On-Demand Servers ServersAdd/Modify On-Demand Content Folders VBricks Select Add VBricks and click Submit To Configuration System Securit y IWS Server Port Set Top Boxes Advanced SettingsAdministration Recorders To add a Recorder configurationSelect Add Recorders and click Submit Script Devices Scripts Select Add Scripts and click Submit Add/Modify a URL for a Live Video Stream URLsURL VOD ContentNon-Video to Content PC Users Only Emergency Broadcast Administration VBrick Systems, Inc Administration Access Control Modify VOD ContentAdministration Required by ETV Portal Server. Case sensitive. Must begin Using Single Sign-On Installing the Root Certificate Using Ldap Servers with SSLClick Browse Resolving Other Security Alerts DiagnosticsStatus Logout HelpDefinitions Access ControlAuthorization AuthenticationVBrick Database Resources and Resource GroupsAuthentication by PIN STB AuthenticationSetup and Configure the EtherneTV System Authentication by IP AddressChoose an Authentication Method Create User Groups on the Portal Server Create Resource Groups on the Portal ServerLdap Directory Server Users Create Users on the ETV Portal ServerAssign Resources to Users or User Groups VBrick Systems, Inc Assigning Privileges to Users Add/Modify User InformationAdd/Modify Users Group Assignments Allow Access to Specific VOD ServersAdd/Modify Users Resource Group Assignments Add/Modify Live Channel PrivilegesAllow Viewing by Content Type Allow Access to Specific VOD ContentAllow Content Publishing Allow Content RecordingUser Groups Add/Modify Group Information Add/Modify Groups User AssignmentsAdd/Modify Groups Resource Assignments Resource Groups Add/Modify Users Resource Assignments Add/Modify Resource Group InformationVBrick Systems, Inc Generate a Certificate Request Configuring for SSLSubmit a Certificate Request Install the CertificateConfigure Resources for SSL VBrick Systems, Inc Auto Content Ingestion Removing Closed Captions To remove the closed captions track from MPEG-4 files VBrick Systems, Inc Index Index ETV Portal Server Administrator Guide Index Page VBrick Systems, Inc Beaumont Road Wallingford, Connecticut