Changes between Version 4 and Version 5 of Software/Configuration/IcaToMua


Ignore:
Timestamp:
05/13/11 14:12:14 (9 years ago)
Author:
smartp@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • Software/Configuration/IcaToMua

    v4 v5  
    1818The ICA and MUA that are going to communicate need a copy of each other's public key to enable this communication. 
    1919 
    20 When the ICA and MUA are installed, a PEM encoded version of their public keys are saved in their home directory's keys information as {{{raptor-ica-public.crt}}} and {{{raptor-mua-public.crt}}} respectively (see [Software/Configuration/Files this wiki page] for further information. Swapping these keys involves the following process. 
     20When the ICA and MUA are installed, a PEM encoded version of their public keys are saved in their home directory's keys information as {{{raptor-ica-public.crt}}} and {{{raptor-mua-public.crt}}} respectively (see [Software/Configuration/Files this wiki page] for further information). Swapping these keys involves the following process. 
    2121 
    2222== 2.1 On the MUA == 
    2323 
    24 1. Copy the ICA's public key from its keys directory ({{{ica/keys/raptor-ica-public.crt}}} on the ICA server) to the a temporary directory (e.g. {{{/tmp}}} or {{{~/}}}) on the MUA server (using SCP or your other favourite file transfer protocol). The rest of these instructions will assume you coped it to {{{/tmp/}}}. 
     241. Copy the ICA's public key from its keys directory ({{{ica/keys/raptor-ica-public.crt}}} on the ICA server) to the a temporary directory (e.g. {{{/tmp}}} or {{{~/}}}) on the MUA server (using SCP or your other favourite file transfer protocol). The rest of these instructions will assume you copied it to {{{/tmp/}}}. 
    2525 
    26262. In the MUA's truststore ({{{authorised-keys.jks}}}, import the ICA's public key, by: 
     
    2828 * Running the following command: 
    2929{{{ 
    30 # keytool -import -keystore authorised-keys.jks -keypass changeit -alias raptormua -file /tmp/raptor-mua-public.crt 
     30# keytool -import -keystore authorised-keys.jks -keypass changeit -alias raptorica -file /tmp/raptor-ica-public.crt 
    3131}}} 
    3232  * ''Note that this assumes that Java's {{{bin}}} directory is in the PATH, and that you have not yet changed the keystore password of the {{{authorised-keys.jks}}} file. If either of these assumptions are incorrect you will have to modify the command above accordingly.'' 
    33   * ''Also note that if you are configuring multiple MUAs, you will have to give each a separate alias by modifying the command above accordingly.'' 
     33  * ''Also note that if you are configuring multiple ICAs, you will have to give each a separate alias by modifying the command above accordingly.'' 
    3434 
    35353. Delete the temporary copy of the ICA's key. 
     
    4343Do the same as above, but in reverse. That is: 
    4444 
    45 1. Copy the MUA's public key from its keys directory ({{{mua/keys/raptor-ica-public.crt}}} on the MUA server) to the a temporary directory (e.g. {{{/tmp}}} or {{{~/}}}) on the ICA server (using SCP or your other favourite file transfer protocol). The rest of these instructions will assume you coped it to {{{/tmp/}}}. 
     451. Copy the MUA's public key from its keys directory ({{{mua/keys/raptor-mua-public.crt}}} on the MUA server) to the a temporary directory (e.g. {{{/tmp}}} or {{{~/}}}) on the ICA server (using SCP or your other favourite file transfer protocol). The rest of these instructions will assume you coped it to {{{/tmp/}}}. 
    4646 
    47472. In the ICA's truststore ({{{authorised-keys.jks}}}, import the MUA's public key, by: 
     
    4949 * Running the following command: 
    5050{{{ 
    51 # keytool -import -keystore authorised-keys.jks -keypass changeit -alias raptorica -file /tmp/raptor-ica-public.crt 
     51# keytool -import -keystore authorised-keys.jks -keypass changeit -alias raptormua -file /tmp/raptor-mua-public.crt 
    5252}}} 
    5353  * ''Note that this assumes that Java's {{{bin}}} directory is in the PATH, and that you have not yet changed the keystore password of the {{{authorised-keys.jks}}} file. If either of these assumptions are incorrect you will have to modify the command above accordingly.'' 
    54   * ''Also note that if you are configuring multiple ICAs, you will have to give each a separate alias by modifying the command above accordingly.'' 
     54  * ''Also note that if you are configuring multiple MUAs, you will have to give each a separate alias by modifying the command above accordingly.'' 
    5555 
    56563. Delete the temporary copy of the MUA's key.