Changes

HowTo:Create UBIK Web Service Certificates

181 bytes removed, 13:04, 2 June 2014
To make the webservice accessible from a client, the client has to establish a secure connection to the webservice. Therefore, a certificate has to be provided and installed to the IIS server running UBIK. For demonstration and testingIf there is not real Root Authority Certificate, a temporary developer certificate can be used which bases on a self-signed root certificate. The creation for development and installation of a self-signed certificate can be done in the following waytesting:
== Prerequisites ==
To use the tools you basically need a windows command console window with admin-rights and the path varible set to the directory contaning the certification binaries. If a visual studio development environment is installed, you alternatively can start a "Visual Studio Development Console" out of the start menu.
== Create self-signed Root Authority Certificate ==
This step can be ignored if there is already a valid root authority certificate installed to be used on the server and the client. ! If not, you can create a self-signed root authority certificate, provide this in and install it on the client's application package server and use this as a basis for all webservices you want to acces with the clientas a trusted root authority certificate.
<code>makecert -n "CN=<SELFSIGNEDNAME>" -r -sv <SELFSIGNEDNAME>.pvk <SELFSIGNEDNAME>.cer</code><br/>
<code>makecert -n "CN=Augmensys" -r -sv AugmensysCA.pvk AugmensysCA.cer</code>
== Create Temporary Service Certificate ==
To create a specific service certificate, we define the site name (IP) of our sevice along with the service name.
While creating the certificate, the user is asked for a password to be entered, please remember this password as it it is used for further steps.
== Convert Temporary Service Certificate for import Import in IIS ==
The created certificate has to be converted for importing it on an IIS service.
681
edits