Manuals / Nortel Networks / Communications / Cordless Telephone

Nortel Networks NN42030-300 manual Root and signed certificate installation

Models: NN42030-300

1 64

Download 64 pages 49.16 Kb

Page 39

Manage TLS certificates 39

4Save both formats of the certificate to a directory location that is accessible from the MCG 3100 Server.

--End--

Root and signed certificate installation

The keystore must contain the following certificates:

•the CA root or intermediate certificate (or both as required by the CA) in TXT format

•your signed TLS certificate

Procedure 8 “Installing the root and signed certificates” (page

39)describes the steps to import the certificates. You must know the root password to perform the following procedure. Root certificate files require Read and Write permissions for the user nortel.

ATTENTION

The root certificates for some well-known CAs (such as Verisign and Entrust) are preinstalled on the server and many client devices. If you receive a message stating that a certificate is already installed, select Yes to replace it, or No to use the existing certificate.

Procedure 8

Installing the root and signed certiﬁcates

Step Action

1At the MCG 3100 Server, log on to the server as nortel.

2Change to the certificate keystore directory: cd /opt/SQMobilityGW

3If the CA requires a root certificate, import it (in TXT format):

/usr/java/jdk1.5.0_03/bin/keytool -import

-trustcacerts -keystore .keystore -alias root -file <absolute_path_root_certificate_file>

4If the CA requires an intermediate certificate, import it (in TXT format):

/usr/java/jdk1.5.0_03/bin/keytool -import -trustcacerts -keystore .keystore -alias intermediate

-file <absolute_path_intermediate_cert_file>

5Import the signed TLS certificate:

/usr/java/jdk1.5.0_03/bin/keytool -import

-trustcacerts -keystore .keystore -alias tomcat -file <absolute_path_signed_certificate_file>

Nortel Mobile Communication 3100 Series Portfolio

Nortel Mobile Communication Gateway 3100 Installation and Upgrades

NN42030-300 02.03 Standard

9 May 2008

Copyright © 2007, 2008 Nortel Networks

Image 39

Nortel Networks NN42030-300 manual Root and signed certificate installation, Usr/java/jdk1.5.003/bin/keytool -import

Contents

NN42030-300 Legal Notice Contents System software maintenance Copyright 2007, 2008 Nortel Networks Copyright 2007, 2008 Nortel Networks Features New in this releaseOther changes Revision history How to get help Getting help through a Nortel distributor or reseller Intended audience IntroductionSubject ConventionsRelated information TerminologyText conventions cont’d NTPs Introduction Fundamentals OverviewMCG 3100 server components Hardware requirements Specification Hardware componentsSoftware components Installation options Overview of the MC 3100 installationInstallation overview Fundamentals Linux base installation PreinstallationEnterprise network veriﬁcation PreinstallationSupported Ldap servers Preinstallation Redundant server option InstallationNonredundant and redundant server implementations Nonredundant server optionSoftware installation Procedure Installing the MCG 3100 softwareRules for redundant server implementations Appinstall End Postinstallation Procedure Logging on to the MCG 3100 Web ConsoleMCG 3100 Web Console logon MCG 3100 parameter conﬁguration Procedure Conﬁguring the MCG 3100 parametersMCG 3100 configuration parameter fields Field Description Postinstallation License ﬁle Procedure Adding a license ﬁleError Licence ﬁle troubleshootingEnroll with a Certificate Authority Manage TLS certiﬁcatesCertificate Signing Request generation Procedure Generating a CSR To generate the CSR, enter Procedure Obtaining a signed TLS certificate Signed TLS certificateFirsthand CA root and intermediate certificates Procedure Obtaining a CA root or intermediate certificateRoot and signed certificate installation Procedure Installing the root and signed certiﬁcatesUsr/java/jdk1.5.003/bin/keytool -import Change the keystore default password Viewing the contents of the keystoreSudo /sbin/service mobilitygw restart CA root certificate distributionCd /opt/SQmobilityGW/tomcat/conf Click File Manager Procedure Installing a root certificate on a Nokia deviceManage TLS certificates Postinstallation System software maintenance System software upgradesProcedure Upgrading the MCG 3100 system software from CD System software maintenance PM EST Sudo /opt/mobilitybase-2.1-XX/postpatch.sh Procedure Removing an SUSudo /opt/mobilitybase-2.1-XX/postunpatch.sh System software uninstallationAdmin shell access Shell commandsProcedure Uninstalling the MCG 3100 system software Sudo /sbin/service mobilityadmin stop Sudo /sbin/service mobilitygw startSudo /sbin/service mobilitygw stop Sudo /sbin/service mobilityadmin startRoot 9498 9367 0 1402 pts/0 000000 grep SQMobilityGW Procedure Checking the Gateway Server processesProcedure Checking the Administration Server processes Root 9542 9367 0 1404 pts/0 000000 grep SQMobilityAdminMysqldump --opt --all-databases backup.sql Procedure Backing up the databasesProcedure Restoring the databases To start the server processes, enter System software maintenance Port usage page 57 lists the port usage details for MCG Appendix a Port numbers and protocolsTCP JVM Procedure Generating self-signed certiﬁcates Appendix B Self-signed certiﬁcate generationUsr/java/jdk1.5.003/bin/keytool -genkey Days. Nortel recommends using a value 3650 Index Copyright 2007, 2008 Nortel Networks Page Nortel Mobile Communication 3100 Series Portfolio