Difference between revisions of "HowTo:Install UBIK Client Certificate"
(→Certificate list) |
m (→Automatic Import) |
||
(19 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | + | Setting up a client certificate for using a secure channel to the [[Web_Service|web service]]. | |
= Android = | = Android = | ||
− | == Manual installation == | + | === Manual installation === |
− | + | One can add server certificates to the {{UBIK Android}} application in addition to the pre-installed certificates, using a button in the ''Info'' menu. {{Version/AndroidSince|2.3.1}} | |
− | One can add server certificates to the {{UBIK Android}} application | + | |
# Copy the certificate to your device's SD card where you can find it easily. | # Copy the certificate to your device's SD card where you can find it easily. | ||
Line 11: | Line 10: | ||
# Press the ''Home'' button in the ''Action Bar''. | # Press the ''Home'' button in the ''Action Bar''. | ||
# Press the ''Info'' button in the drop-down menu. | # Press the ''Info'' button in the drop-down menu. | ||
− | # | + | # On the Info screen, press the ''Install Certificate'' button. |
# Select a file browser in order to select the certificate file. | # Select a file browser in order to select the certificate file. | ||
# Choose the certificate file you earlier copied to the device's SD card. | # Choose the certificate file you earlier copied to the device's SD card. | ||
− | If the adding was successful, a toast message confirming the installation will appear. Else, the | + | If the adding was successful, a toast message confirming the installation will appear. Else, the toast's text will indicate an error. |
The certificate will be stored in a '''BouncyCastle''' keystore on the device's file system (path: ''SD-Card/UBIK/Certificates''). | The certificate will be stored in a '''BouncyCastle''' keystore on the device's file system (path: ''SD-Card/UBIK/Certificates''). | ||
Line 22: | Line 21: | ||
{{Attention|A file browser app has to be installed on your device in order to select the certificate file from the SD-card.}} | {{Attention|A file browser app has to be installed on your device in order to select the certificate file from the SD-card.}} | ||
− | == Automatic Import == | + | === Automatic Import === |
− | + | One can place certificate files in a predefined folder in order for them to be imported automatically when the app starts up the next time. {{Version/AndroidSince|2.5.1}} | |
− | One can place certificate files in a predefined folder in order for them to be imported automatically when the app | + | |
− | + | ||
+ | The folder depends on the application: | ||
<pre> | <pre> | ||
<sd-card>/Android/data/com.augmensys.ubik.<custom_app>/files/cert | <sd-card>/Android/data/com.augmensys.ubik.<custom_app>/files/cert | ||
</pre> | </pre> | ||
− | |||
+ | === Certificate list === | ||
[[File:UBIK_Android_UI_Info_Activity_Certificate_List.png|400 px|thumb|border|alt=Certificate List|Certificate List]] | [[File:UBIK_Android_UI_Info_Activity_Certificate_List.png|400 px|thumb|border|alt=Certificate List|Certificate List]] | ||
− | In the Info | + | In the Info screen, there is a button {{key press|Show certificates}} that opens a list of all installed certificates, displaying their subject and expiry date. {{Version/AndroidSince|2.5.1}} |
{{Attention|The certificate has to be provided as a X.509 DER encoded file, e.g. *.cer}} | {{Attention|The certificate has to be provided as a X.509 DER encoded file, e.g. *.cer}} | ||
{{Hint|The certificate will remain on the device even if the application is reinstalled.}} | {{Hint|The certificate will remain on the device even if the application is reinstalled.}} | ||
− | + | {{Clear}} | |
− | + | ||
− | [[ | + | = WinX / Web = |
− | + | The clients, either WinX or Web, need to have a certificate installed if the connection to the web service should use secure communication (HTTPS). This certificate can either be a root authority certificate, a self-signed or any other public key certificate from a certificate authority enabling a secured connection between the web service and the clients. | |
− | + | ||
− | + | If you already have a public key certificate available you can use this on the clients and web service. Otherwise you can create a certificate as described in [[HowTo:Create_UBIK_Web_Service_Certificates]]. | |
+ | |||
+ | As the {{UBIK Web}} client connects to the content server similar as any mobile client it needs also to be authorized using a certificate. Hence, whatever machine hosts the {{UBIK Web}} client application needs to have the certificate installed. | ||
− | |||
=== Install Root Authority Certificate === | === Install Root Authority Certificate === | ||
− | + | To import the certificate, start the certificate manager by entering ''Manage computer certificates'' in the Windows Start Screen (alternatively, start the program ''certmgr''): | |
− | + | ||
− | To import the certificate, start the certificate manager by entering ''Manage computer certificates'' in the Windows | + | |
# Go to section ''Trusted Root Certification Authorities'' and open the context menu. | # Go to section ''Trusted Root Certification Authorities'' and open the context menu. | ||
# Click on ''All Tasks'' | # Click on ''All Tasks'' | ||
Line 61: | Line 58: | ||
* [[Web_Service_Configuration|Web Service Configuration]] | * [[Web_Service_Configuration|Web Service Configuration]] | ||
+ | {{Category/Version|2.5.1}} | ||
− | + | [[Category:2.5.1|Install UBIK Client Certificate]] | |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
[[Category:Android|Install UBIK Client Certificate]] | [[Category:Android|Install UBIK Client Certificate]] | ||
[[Category:How-To|Install UBIK Client Certificate]] | [[Category:How-To|Install UBIK Client Certificate]] | ||
[[Category:Installing|Install UBIK Client Certificate]] | [[Category:Installing|Install UBIK Client Certificate]] | ||
− | [[Category: | + | [[Category:WinX|Install UBIK Client Certificate]] |
− | + | ||
− | + |
Latest revision as of 15:02, 2 May 2016
Setting up a client certificate for using a secure channel to the web service.