SSL Prerequisites
•In order to use the Portal Server in secure (HTTPS) mode, you must have a signed and valid SSL certificate purchased from Verisign or another vendor. If the certificate is not signed, or if it is expired or otherwise invalid, video playback issues will occur.
•In an environment where the Portal Server is using SSL and a Network Video Recorder (NVR) is running on a separate server, the NVR server must also have an SSL Certificate installed in its IIS configuration or all NVR recording will fail.
•Be aware that hardened SSL encryption requires significant resources and can substantially impact performance. Use hardened SSL only when absolutely necessary in environments that require all pages to be encrypted.
•To use SSL, Amino set top box users must purchase a digital X.509 certificate from Verisign. Other certificates may work but Verisign is the only certificate currently tested and supported by VBrick.
Configuring SSL (Windows Server 2003)
1. Generate a Certificate Request
If your company does not have a X.509 certificate, or does not have one for the ETV Portal Server, a new certificate request must first be created.
TTo generate a certificate request:
1.From the ETV Portal Server, start the Microsoft Internet Information Services (IIS) Manager.
2.Expand the server name and select the web site for which the certificate will be installed.
3.
4.Select the Directory Security tab.
5.Select the Server Certificate button within Secure communications to launch the Web Server Certificate Wizard.
6.Select Next on the Welcome dialog box.
7.Select Create a New Certificate and then select Next. (If Create a New Certificate is
unavailable, the certificate has probably been installed already. If that is the case, skip the rest of the steps, and go to Step 4. Configure Portal Server Resources for SSL. If you want to create new certificate for ETV Portal Server, select Remove the current certificate to remove the certificate first, and then restart the procedure.)
8.Select Prepare the request now, but send it later and then select Next.
9.Type a descriptive name for the certificate in the Name field, type a bit length for the key in the Bit length field, and then select Next.
10.Type an organization name (e.g. VBrick) in the Organization field and type an organizational unit (such as Sales Department) in the Organizational unit field, and select Next. (This information will be placed in the certificate request, so make sure it is accurate. The Certificate Authority will verify this information and will place it in the certificate. A user browsing the ETV Portal Server will want to see this information in order to decide if they should accept the certificate.)
11.In the Common name field, type a common name, and then select Next. (Important: The common name is one of the most significant pieces of information that ends up in the certificate.)
124 | © 2009 VBrick Systems, Inc. |
