| Read this topic to... |
|---|
|
How you share an X.509 certificate between a web server and Tarantella, depends on whether or not you are using the Tarantella Web Server.
The configuration file (install_dir/webserver/apache/1.3.27/conf/httpd.conf)
for the Tarantella Web Server is pre-configured to use the same certificates
as the Tarantella server. These are installed in the
install_dir/var/tsp directory. So to share a
Tarantella server certificate with the Tarantella Web Server:
tarantella webserver restart --ssl command.
tarantella security start command.
If you are using your own web server instead of the Tarantella Web Server and you want to share its certificate with a Tarantella server, you have to decrypt the certificate's key and then install it on the Tarantella server.
Note If your web server doesn't let you access the key or the key was not originally encrypted by a product that uses SSLeay or OpenSSL certificate libraries, you must obtain and install a separate X.509 certificate.
To share a certificate:
cp /usr/local/apache/certs/boston.indigo-insurance.com.pem install_dir/var/tsp/ cp /usr/local/apache/certs/boston.indigo-insurance.com.key.pem install_dir/var/tsp/
tarantella security decryptkey
command to decrypt the certificate's key, for example:
tarantella security decryptkey \ --enckey install_dir/var/tsp/boston.indigo-insurance.com.key.pem \ --deckey install_dir/var/tsp/boston.indigo-insurance.com.key.out \ --format PEM
tarantella security certuse
command to install the X.509 certificate using the decrypted key file, for example:
tarantella security certuse --certfile install_dir/var/tsp/boston.indigo-insurance.com.pem --keyfile install_dir/var/tsp/boston.indigo-insurance.com.key.out
tarantella security start command.