Nortel Networks NN42030-300 manual Certificate Signing Request generation

Page 34

34Postinstallation

Whether you select a commercial Certificate Authority (CA) or build your own CA Server, you must provide the following information to enroll:

first and last name of the certificate administrator

e-mail address of the certificate administrator

any other information requested by the CA

ATTENTION

Nortel strongly recommends that you create an e-mail alias for the certificate administrator. The CA sends renewal notifications and other important information to this e-mail address. If the administrative responsibilities are shared, any administrator can access the notifications.

For additional information about commercial Certificate Authorities, go to any one of the following company Web sites:

VeriSign

Entrust

CACert

RapidSSL

For additional information about building your own CA server with Microsoft Exchange Server 2007, go to the Microsoft Web site at http://www.microsoft.com. Search on the key words build a certificate authority.

Certificate Signing Request generation

A Certificate Signing Request (CSR) is the unique fingerprint of the server and includes your private and public key pair. You need a CSR to enroll for a TLS certificate.

Procedure 5 “Generating a CSR” (page 35) describes the steps to generate a CSR by using Java keytool and sample directories. In this procedure, you use Java keytool, which is the recommended method. You can use another tool to generate a CSR if your environment requires that you do so.

For more information about Java keytool, go to http://java.sun.com/ and search on the keyword keytool.

Nortel Mobile Communication 3100 Series Portfolio

Nortel Mobile Communication Gateway 3100 Installation and Upgrades

NN42030-300 02.03 Standard

9 May 2008

Copyright © 2007, 2008 Nortel Networks

Page 33 Page 35
Image 34
Page 33 Page 35
Contents NN42030-300 Legal Notice Contents System software maintenance Copyright 2007, 2008 Nortel Networks Copyright 2007, 2008 Nortel Networks New in this release FeaturesOther changes Revision history How to get help Getting help through a Nortel distributor or reseller Conventions IntroductionSubject Intended audienceTerminology Related informationText conventions cont’d NTPs Introduction Overview FundamentalsMCG 3100 server components Hardware components Hardware requirements SpecificationSoftware components Overview of the MC 3100 installation Installation optionsInstallation overview Fundamentals Preinstallation Linux base installationPreinstallation Enterprise network verificationSupported Ldap servers Preinstallation Nonredundant server option InstallationNonredundant and redundant server implementations Redundant server optionProcedure Installing the MCG 3100 software Software installationRules for redundant server implementations Appinstall End Procedure Logging on to the MCG 3100 Web Console PostinstallationMCG 3100 Web Console logon Procedure Configuring the MCG 3100 parameters MCG 3100 parameter configurationMCG 3100 configuration parameter fields Field Description Postinstallation Procedure Adding a license file License fileLicence file troubleshooting ErrorManage TLS certificates Enroll with a Certificate AuthorityCertificate Signing Request generation Procedure Generating a CSR To generate the CSR, enter Signed TLS certificate Procedure Obtaining a signed TLS certificateFirsthand Procedure Obtaining a CA root or intermediate certificate CA root and intermediate certificatesProcedure Installing the root and signed certificates Root and signed certificate installationUsr/java/jdk1.5.003/bin/keytool -import Viewing the contents of the keystore Change the keystore default passwordCA root certificate distribution Sudo /sbin/service mobilitygw restartCd /opt/SQmobilityGW/tomcat/conf Procedure Installing a root certificate on a Nokia device Click File ManagerManage TLS certificates Postinstallation System software upgrades System software maintenanceProcedure Upgrading the MCG 3100 system software from CD System software maintenance PM EST Procedure Removing an SU Sudo /opt/mobilitybase-2.1-XX/postpatch.shSystem software uninstallation Sudo /opt/mobilitybase-2.1-XX/postunpatch.shShell commands Admin shell accessProcedure Uninstalling the MCG 3100 system software Sudo /sbin/service mobilityadmin start Sudo /sbin/service mobilitygw startSudo /sbin/service mobilitygw stop Sudo /sbin/service mobilityadmin stopProcedure Checking the Gateway Server processes Root 9498 9367 0 1402 pts/0 000000 grep SQMobilityGWRoot 9542 9367 0 1404 pts/0 000000 grep SQMobilityAdmin Procedure Checking the Administration Server processesProcedure Backing up the databases Mysqldump --opt --all-databases backup.sqlProcedure Restoring the databases To start the server processes, enter System software maintenance Appendix a Port numbers and protocols Port usage page 57 lists the port usage details for MCGTCP JVM Appendix B Self-signed certificate generation Procedure Generating self-signed certificatesUsr/java/jdk1.5.003/bin/keytool -genkey Days. Nortel recommends using a value 3650 Index Copyright 2007, 2008 Nortel Networks Page Nortel Mobile Communication 3100 Series Portfolio
Top Page Image Contents