|
| |
|
TLS/SSL
Certificate
|
To create 1024-bit RSA digital certificate
used for TLS/SSL (Secure Sockets Layer), such that WebEasyMail can
support various secure message transport protocols including SSL SMTP,
SSL POP3, SSL IMAP4, you should:
1. Download digital certificate creation toolkit: sslca.zip
(1.27Mb)
2. Unzip the file into your local machine (Win NT/2000/XP/2003), and
execute the ca.bat file under the following instructions.
3. After successful execution, you will get two files:
| wem.pem: |
The digital certificate as well as primary key
file required by the server. This file must be placed under
the installation directory of WebEasyMail.(note: you'll have
to restart WebEasyMail service program to make it effective) |
| caroot.cer: |
The certificate file imported into the client
machine. To successfully import the certificate, you should
refer to the documentation of your mail client. (in OutLook,
OutLook Express, for example, double click the certificate,
then choose "install", and the certificate will be imported.) |
Before executing the program, please have the following information
ready:
1. IP address of your server, which should
also be filled into the Common Name
box. This is the most important information! Common
Name should be consistent with the correct host name of
your server as well as the mail server configured in your mail client.
2. Certificate password.
Note:
 Red and Green
are the most important parts, i.e., the place in which you should
enter your IP address
The Dark-Blue part
is for you to enter the content
For other parts that require user input, just hit the
enter key.
C:\sslca>ca
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
...++++++
..++++++
writing new private key to 'ca\private\CAkey.pem'
Enter PEM pass phrase:(Password, required)
Verifying - Enter PEM pass phrase:(Password,
required)
-----
You are about to be asked to enter information that will be
incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished
Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [CN]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg,
ip address, website) []:192.168.0.1
(Server IP address, required)
Email Address []:
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
...........................................................++++++
...............................++++++
writing new private key to 'ca\temp\server\server.key'
-----
You are about to be asked to enter information that will be
incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished
Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [CN]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg,
ip address, website) []:192.168.0.1
(Server IP address, required)
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from openssl.conf
Loading 'screen' into random state - done
Enter pass phrase for ca\private\CAkey.pem:(Password,
required)
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'CN'
stateOrProvinceName :PRINTABLE:'Some-State'
organizationName :PRINTABLE:'Internet Widgits Pty Ltd'
commonName :PRINTABLE:'192.168.0.1'
Certificate is to be certified until Apr 22 06:00:08 2005 GMT
(365 days)
Sign the certificate? [y/n]:y (Confirmation
information, must choose "y")
1 out of 1 certificate requests certified, commit? [y/n]y (Confirmation
information, must choose "y")
Write out database with 1 new entries
Data Base Updated |
|
|
Download
