|
|
@@ -33,9 +33,13 @@
|
|
|
$(document).on('click','input.copy-text',function(){
|
|
|
theButton = $(this);
|
|
|
$('input.copy-text').attr('src','images/clipboard.png');
|
|
|
- $('span.copy-animation').removeClass('copy-animation');
|
|
|
+ $('span.copy-animation,span.copy-animation-ps').removeClass('copy-animation copy-animation-ps');
|
|
|
try {
|
|
|
- $('#'+ theButton.attr('rel')).addClass('copy-animation');
|
|
|
+ if($('#'+ theButton.attr('rel')).parent('div').hasClass('PS')){
|
|
|
+ $('#'+ theButton.attr('rel')).addClass('copy-animation-ps');
|
|
|
+ } else {
|
|
|
+ $('#'+ theButton.attr('rel')).addClass('copy-animation');
|
|
|
+ }
|
|
|
navigator.clipboard.writeText(theButton.data('clipboard-text').replace(/<[^>]*>?/gm, ''));
|
|
|
theButton.attr('src','images/clipboard_active.png');
|
|
|
} catch(err) {
|
|
|
@@ -57,8 +61,8 @@
|
|
|
});
|
|
|
|
|
|
if(window.self !== window.top){
|
|
|
- window.parent.$('iframe.stepsFrame').height((this['scrollingElement']['scrollHeight']+20) +'px');
|
|
|
- }
|
|
|
+ window.parent.$('iframe.stepsFrame').height((this['scrollingElement']['scrollHeight']+20) +'px');
|
|
|
+ }
|
|
|
});
|
|
|
</script>
|
|
|
<link href="css/steps.css" rel="stylesheet" type="text/css" />
|
|
|
@@ -71,122 +75,80 @@
|
|
|
</div>
|
|
|
<div></div>
|
|
|
<div id="content">
|
|
|
- <h2>
|
|
|
- Create Your SSL Certificate</h2>
|
|
|
+ <h2>Create Your SSL Certificate</h2>
|
|
|
+
|
|
|
<ol>
|
|
|
- <li>
|
|
|
- Launch XCA</li>
|
|
|
- <li>
|
|
|
- Open the PKI database if it is not already (File > Open DataBase), enter password</li>
|
|
|
- <li>
|
|
|
- Click on the Certificates tab, right click on your Intermediate CA certificate</li>
|
|
|
- <li>
|
|
|
- Select New</li>
|
|
|
- <li>
|
|
|
- On the Source tab, make sure Use this Certificate for signing is selected</li>
|
|
|
- <li>
|
|
|
- Verify your Intermediate CA certificate is selected from the drop down</li>
|
|
|
- <li>
|
|
|
- Click the Subject tab</li>
|
|
|
- <li>
|
|
|
- Complete the Distinguished Name section
|
|
|
- <p>
|
|
|
- internalName: WebDev SSL<br />
|
|
|
- countryName: US<br />
|
|
|
- stateOrProvinceName: Virginia<br />
|
|
|
- localityName: Northern<br />
|
|
|
- organizationName: i12bretro<br />
|
|
|
- organizationUnitName: i12bretro Certificate Authority<br />
|
|
|
- commonName: webdev.i12bretro.local</p>
|
|
|
+ <li>Launch XCA</li>
|
|
|
+ <li>Open the PKI database if it is not already (File > Open DataBase), enter password</li>
|
|
|
+ <li>Click on the Certificates tab, right click on your Intermediate CA certificate</li>
|
|
|
+ <li>Select New</li>
|
|
|
+ <li>On the Source tab, make sure Use this Certificate for signing is selected</li>
|
|
|
+ <li>Verify your Intermediate CA certificate is selected from the drop down</li>
|
|
|
+ <li>Click the Subject tab</li>
|
|
|
+ <li>Complete the Distinguished Name section
|
|
|
+ <p>internalName: WebDev SSL<br />
|
|
|
+ countryName: US<br />
|
|
|
+ stateOrProvinceName: Virginia<br />
|
|
|
+ localityName: Northern<br />
|
|
|
+ organizationName: i12bretro<br />
|
|
|
+ organizationUnitName: i12bretro Certificate Authority<br />
|
|
|
+ commonName: webdev.i12bretro.local</p>
|
|
|
</li>
|
|
|
- <li>
|
|
|
- Click the Generate a New Key button</li>
|
|
|
- <li>
|
|
|
- Enter a name and set the key size to at least 2048</li>
|
|
|
- <li>
|
|
|
- Click Create</li>
|
|
|
- <li>
|
|
|
- Click on the Extensions tab</li>
|
|
|
- <li>
|
|
|
- Select End Entity from the type list</li>
|
|
|
- <li>
|
|
|
- Click Edit next to Subject Alternative Name</li>
|
|
|
- <li>
|
|
|
- Add any DNS or IP addresses that the certificate will identify</li>
|
|
|
- <li>
|
|
|
- Update the validity dates to fit your needs</li>
|
|
|
- <li>
|
|
|
- Click the Key Usage tab</li>
|
|
|
- <li>
|
|
|
- Under Key Usage select Digital Signature, Key Enchiperment</li>
|
|
|
- <li>
|
|
|
- Under Extended Key Usage select Web Server and Web Client Authentication</li>
|
|
|
- <li>
|
|
|
- Click the Netscape tab</li>
|
|
|
- <li>
|
|
|
- Select SSL Server</li>
|
|
|
- <li>
|
|
|
- Click OK to create the certificate</li>
|
|
|
+ <li>Click the Generate a New Key button</li>
|
|
|
+ <li>Enter a name and set the key size to at least 2048</li>
|
|
|
+ <li>Click Create</li>
|
|
|
+ <li>Click on the Extensions tab</li>
|
|
|
+ <li>Select End Entity from the type list</li>
|
|
|
+ <li>Click Edit next to Subject Alternative Name</li>
|
|
|
+ <li>Add any DNS or IP addresses that the certificate will identify</li>
|
|
|
+ <li>Update the validity dates to fit your needs</li>
|
|
|
+ <li>Click the Key Usage tab</li>
|
|
|
+ <li>Under Key Usage select Digital Signature, Key Enchiperment</li>
|
|
|
+ <li>Under Extended Key Usage select Web Server and Web Client Authentication</li>
|
|
|
+ <li>Click the Netscape tab</li>
|
|
|
+ <li>Select SSL Server</li>
|
|
|
+ <li>Click OK to create the certificate</li>
|
|
|
</ol>
|
|
|
-<h2>
|
|
|
- Exporting Required Files</h2>
|
|
|
+
|
|
|
+<h2>Exporting Required Files</h2>
|
|
|
+
|
|
|
<ol>
|
|
|
- <li>
|
|
|
- In XCA, click on the Certificates tab</li>
|
|
|
- <li>
|
|
|
- Right click the Intermediate CA certificate > Export > File</li>
|
|
|
- <li>
|
|
|
- Set the file name with a .crt extension and verify the export format is PEM chain (*.pem)</li>
|
|
|
- <li>
|
|
|
- Click OK</li>
|
|
|
- <li>
|
|
|
- Right click the SSL certificate > Export > File</li>
|
|
|
- <li>
|
|
|
- Set the file name with a .crt extension and verify the export format is PEM (*.crt)</li>
|
|
|
- <li>
|
|
|
- Click OK</li>
|
|
|
- <li>
|
|
|
- Click the Private Keys tab</li>
|
|
|
- <li>
|
|
|
- Right click the private key generated for the SSL certificate > Export > File</li>
|
|
|
- <li>
|
|
|
- Set the file name with a .key extension and verify the export format is PEM private (*.pem)</li>
|
|
|
- <li>
|
|
|
- Click OK</li>
|
|
|
+ <li>In XCA, click on the Certificates tab</li>
|
|
|
+ <li>Right click the Intermediate CA certificate > Export > File</li>
|
|
|
+ <li>Set the file name with a .crt extension and verify the export format is PEM chain (*.pem)</li>
|
|
|
+ <li>Click OK</li>
|
|
|
+ <li>Right click the SSL certificate > Export > File</li>
|
|
|
+ <li>Set the file name with a .crt extension and verify the export format is PEM (*.crt)</li>
|
|
|
+ <li>Click OK</li>
|
|
|
+ <li>Click the Private Keys tab</li>
|
|
|
+ <li>Right click the private key generated for the SSL certificate > Export > File</li>
|
|
|
+ <li>Set the file name with a .key extension and verify the export format is PEM private (*.pem)</li>
|
|
|
+ <li>Click OK</li>
|
|
|
</ol>
|
|
|
-<h2>
|
|
|
- Setting Up Apache For SSL</h2>
|
|
|
+
|
|
|
+<h2>Setting Up Apache For SSL</h2>
|
|
|
+
|
|
|
<ol>
|
|
|
- <li>
|
|
|
- Navigate to <apacheinstalldir>/conf</apacheinstalldir></li>
|
|
|
- <li>
|
|
|
- Create a certs directory if it does not exist</li>
|
|
|
- <li>
|
|
|
- Copy the exported SSL certificate, private key and certificate chain files to <apacheinstalldir>/conf/certs</apacheinstalldir></li>
|
|
|
- <li>
|
|
|
- Edit <apacheinstalldir>/conf/httpd.conf</apacheinstalldir></li>
|
|
|
- <li>
|
|
|
- At the bottom of the file add a VirtualHost block<br />
|
|
|
- <p>
|
|
|
- Listen 443<br />
|
|
|
- <virtualhost :443=""><br />
|
|
|
- SSLEngine on<br />
|
|
|
- SSLProtocol -All +TLSv1.2 +TLSv1.3<br />
|
|
|
- SSLCipherSuite HIGH:!aNULL:!MD5<br />
|
|
|
- SSLCertificateFile <apacheinstalldir>/conf/certs/<ssl cert="">.crt<br />
|
|
|
- SSLCertificateKeyFile <apacheinstalldir>/conf/certs/<private key="">.key<br />
|
|
|
- SSLCertificateChainFile <apacheinstalldir>/conf/certs/<cert chain="">.crt</cert></apacheinstalldir></private></apacheinstalldir></ssl></apacheinstalldir></virtualhost></p>
|
|
|
+ <li>Navigate to <apacheinstalldir>/conf</apacheinstalldir></li>
|
|
|
+ <li>Create a certs directory if it does not exist</li>
|
|
|
+ <li>Copy the exported SSL certificate, private key and certificate chain files to <apacheinstalldir>/conf/certs</apacheinstalldir></li>
|
|
|
+ <li>Edit <apacheinstalldir>/conf/httpd.conf</apacheinstalldir></li>
|
|
|
+ <li>At the bottom of the file add a VirtualHost block
|
|
|
+ <p>Listen 443<br />
|
|
|
+ <virtualhost :443><br />
|
|
|
+ SSLEngine on<br />
|
|
|
+ SSLProtocol -All +TLSv1.2 +TLSv1.3<br />
|
|
|
+ SSLCipherSuite HIGH:!aNULL:!MD5<br />
|
|
|
+ SSLCertificateFile /conf/certs/%ssl.crt file%<br />
|
|
|
+ SSLCertificateKeyFile /conf/certs/%ssl.key file%<br />
|
|
|
+ SSLCertificateChainFile /conf/certs/%ssl-chain.crt file%<br />
|
|
|
+ </virtualhost></p>
|
|
|
</li>
|
|
|
- <li>
|
|
|
- Restart the Apache Service</li>
|
|
|
- <li>
|
|
|
- Open a web browser</li>
|
|
|
- <li>
|
|
|
- Navigate to https://<dnsorip>> from your certificate</dnsorip></li>
|
|
|
- <li>
|
|
|
- Click the lock and select view certificate</li>
|
|
|
- <li>
|
|
|
- Validate the certificate and certificate chain being presented by Apache HTTPD</li>
|
|
|
+ <li>Restart the Apache Service</li>
|
|
|
+ <li>Open a web browser</li>
|
|
|
+ <li>Navigate to https://DNSorIP from your certificate</li>
|
|
|
+ <li>Click the lock and select view certificate</li>
|
|
|
+ <li>Validate the certificate and certificate chain being presented by Apache HTTPD</li>
|
|
|
</ol>
|
|
|
</div>
|
|
|
</div>
|
i12bretro