| jun97.tar |
Listing 1: Encryption key pair generation in the server
sadr% /usr/local/ns-home/bin/https/admin/bin/sec-key -------------------------------------------------------- | Netscape Communications Corporation | | Key Pair File Generation | -------------------------------------------------------- Welcome to the key pair file generator. With this program, you can generate the public and private keys that your server uses for secure communications. First, the server needs to know where to put the new key. You should NOT overwrite an existing key pair file! Place the new key in a separate location. Make a note of the new key's location! You will need it later when you request a certificate. Type a full pathname to the new keyfile's location: The key will be placed in: Next, a random seed must be generated that will be used in the creation of your key pair file. One of the easiest ways to create a random seed is to count the amount of time between keystrokes on a keyboard. To begin, type keys on the keyboard until this progress meter is full. DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD! |*******************************/ | Continue typing until the progress meter is full: Great! Press enter to continue. Generating key. This may take a few minutes... Done. Finally, enter a password which will be used to encrypt the key pair file. You will use this password when starting up and shutting down your server. NOTE: Be sure to keep this password safe! If you must write down the password, the physical safety of the recording is your responsibility. The password must be at least 8 characters long, and must contain at least one non-alphabetic character in it. It should not be a word in any dictionary. Password: Re-enter password: Congratulations! Your new key is in: /usr/local/ns-home/https- sadr/config/ServerKey.db -rw------- 1 root 32768 Mar 3 12:20 /usr/local/ns- home/https-sadr/config/ServerKey.db Now that you have generated a key, return to the sec-gkey form and in the box for 'Key File Path', enter: /usr/local/ns-home/https-sadr/config/ServerKey.db and then generate your certificate.
|