Chapter 4

Configuring for SSL

Overview

Whenever there is concern regarding confidentiality and integrity of data being sent between ETV Portal Server web server and external clients, the ETV Portal Server web server login page and all administration pages should be configured with a digital X.509 certificate to enable SSL encryption. Secure Sockets Layer (SSL) is a set of cryptographic technologies that provides secure communications. SSL can be used between client browsers and ETV Portal Server web server to create a secure communication channel. It should also be used between the ETV Portal Server and any LDAP directory server that is not Microsoft's Active Directory. Because the Portal Server software runs on a Windows 2000 or Windows 2003 server, the communication between the ETV Portal Server and Active Directory is automatically secured using Microsoft's security scheme.

However, communications between the ETV Portal Server and other LDAP directories is not automatically secured. Please refer to the LDAP server documentation for instructions on how to setup SSL between the ETV Portal Server server and the LDAP directory server.

TTo set-up SSL for client access to the ETV Portal Server web server:

1.Generate a Certificate Request

2.Submit a Certificate Request

3.Install the Certificate on the ETV Portal Server web server

4.Configure Resources to Require SSL Access

Generate a Certificate Request

If your company does not have an X.509 certificate, or does not have one for the ETV Portal Server web server, a new certificate request must first be created.

TTo generate a certificate request:

1.From the ETV Portal Server web server Macintosh, start the Microsoft Internet Information Service (IIS) Manager.

2.Expand the server name and select the web site for which the certificate will be installed.

3.Right-click the web site, and then click Properties.

4.Click the Directory Security tab.

5.Click the Server Certificate button within Secure communications to launch the Web Server Certificate Wizard.

6.Click Next on the welcome dialog box.

7.Click Create a New Certificate and then click Next.

If Create a New Certificate is unavailable, the certificate has probably been installed already. If that is the case, skip the rest of steps, and go to the Configure Resources to

ETV Portal Server Administrator Guide

61

Page 68 Page 70
Page 69
Image 69
VBrick Systems ETV v3.1 manual Configuring for SSL, Generate a Certificate Request
Page 68 Page 70
Top Page Image Contents