ETV Portal Server Administrator Guide 61
Chapter 4
Configuring for SSLOverview
Whenever there is concern regarding confidentiality and integrity of data being sent between
ETV Portal Server web server and external clients, the ETV Portal Server web server login
page and all administration pages should be configured with a digital X.509 certificate to
enable SSL encryption. Secure Sockets Layer (SSL) is a set of cryptographic technologies that
provides secure communications. SSL can be used between client browsers and ETV Portal
Server web server to create a secure communication channel. It should also be used between
the ETV Portal Server and any LDAP directory server that is not Microsoft's Active
Directory. Because the Portal Server software runs on a Windows 2000 or Windows 2003
server, the communication between the ETV Portal Server and Active Directory is
automatically secured using Microsoft's security scheme.
However, communications between the ETV Portal Server and other LDAP directories is not
automatically secured. Please refer to the LDAP server documentation for instructions on
how to setup SSL between the ETV Portal Server server and the LDAP directory server.
TTo set-up SSL for client access to the ETV Portal Server web server:
1. Generate a Certificate Request
2. Submit a Certificate Request
3. Install the Certificate on the ETV Portal Server web server
4. Configure Resources to Require SSL Access
Generate a Certificate Request
If your company does not have an X.509 certificate, or does not have one for the ETV Portal
Server web server, a new certificate request must first be created.
TTo generate a certificate request:
1. From the ETV Portal Server web server Macintosh, start the Microsoft Internet
Information Service (IIS) Manager.
2. Expand the server name and select the web site for which the certificate will be installed.
3. Right-click the web site, and then click Properties.
4. Click the Directory Security tab.
5. Click the Server Certificate button within Secure communications to launch the Web
Server Certificate Wizard.
6. Click Next on the welcome dialog box.
7. Click Create a New Certificate and then click Next.
If Create a New Certificate is unavailable, the certificate has probably been installed
already. If that is the case, skip the rest of steps, and go to the Configure Resources to