Document Started 11/07/05 pvalentino We have enabled client certificate authentication to prevent people outside of our team from accessing the development server via browser. Below are instructions for setting up the client certificates for Firefox and Internet Explorer. This process will be done on each computer you intend to access the server with. You need a password to complete these procedures. Call Jeff at 831.338.0147 from 9am - 5pm PST before you start so he can give you the password. Firefox - Access Tools->Options->Advanced - In the Security section, make sure SSL 2.0, SSL 3.0, and TLS 1.0 are all checked on - In the Certificates section, click on Manage Certificates - Save the attached pvalentinoca.crt_ file and rename it to pvalentinoca.crt (remove the "_") - Save the attached pvalentinoclient.p12 file - On the Authority tab, click the Import button and import the pvalentino.crt file - On the Your Certificates tab, click Import and select the pvalentino.p12 file. You will be prompted for a password that you obtained from Jeff via telephone - If you receive any permissions errors or are unable to access either of the files then right click on each file and select the “Unblock” button; then repeat steps above Internet Explorer - Save the attached pvalentinoca.crt_ file and rename it to pvalentinoca.crt (remove the "_") - Save the attached pvalentinoclient.p12 file - Install the pvalentinoca.crt a) Double click pvalentinoca.crt file then follow the prompts to manually put it into the Trusted Root Store. - If you receive any permissions errors or are unable to access either of the files then right click on each file and select the “Unblock” button; then repeat steps above b) Click "Install certificate...", the Certificate Import Wizard will start c) Click the radio button "Place all certificates in the following store" and click on the Browse... button d) Choose "Trusted Root Certificate Authorities" and click OK button e) Click "Next" and then "Finish." A Root Certificate Store dialog will be displayed where you'll see some data, and the subject will include the text "dev.gopvalentino.com, pvalentino, Boston, Massachusetts, US." Click the Yes button to add this certificate. f) A confirmation pop-up will be displayed, click OK. Click OK to close the Install Certificate dialog also. - Install the pvalentinoclient.p12 file a) Double click pvalentinoclient.p12 file, the Certificate Import Wizard will start up. Click Next b) The File to Import page will be displayed with the location of the file you clicked on loaded in the filename field, click Next c) enter the password you obtained from Jeff, click Next d) On the Certificate Store page, make sure the radio button "Automatically select the certificate store based on the type of certificate" is selected, click Next e) Click Finish, a confirmation dialog will be displayed, click OK. Mozilla - Save the attached pvalentinoclient.p12 file - Go to Edit Menu and Select Preferences - Expand "Privacy & Security" by clicking "+" symbol if it is not already expanded - Select "Certificates" and choose the "Manage Certificates" button - Select the "Your Certificates" Tab and click the "Import" Button - Browse to the location you saved the pvalentinoclient.p12 file and select it for import - Leave the new password fields empty and select Yes for the following warning prompt - Enter password given to you by Jeff when asked for the password used to encrypt the key and click Ok - If you receive any permissions errors or are unable to access either of the files then right click on each file and select the “Unblock” button; then repeat steps above You're now setup to access the new development server with one or both of the supported browsers. To test the certificates, click on the following links: https://dev.gopvalentino.com/phptest.php : Result, you'll get a PHP Installation Test page displayed https://dev.gopvalentino.com/ : Result, you'll see a page that reads "Hello I work without PHP" the active cvs repository is viewable via: https://dev.gopvalentino.com:444/viewcvs
Posts
No comments:
Post a Comment