Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

This page is available to list information and links to support pages with information useful for system administrators responsible for utilizing the InCommon Certificate Service.

IIS (Windows)

Requesting a new certificate

Follow these directions to generate a certificate signing request (CSR): CSR Generation: Microsoft IIS 5.x & 6.x

Installing a new certificate

Once you have been notified by InCommon that your certificate has been generated, follow these directions to install the certificate: Certificate Installation: Microsoft IIS 5.x & 6.x Note that you should use the "PKCS#7 Base64 encoded" link to download the certificate for use with IIS.

Replacing an existing certificate

By default, when using the IIS Certificate wizard in Windows to create a certificate signing request (CSR) for a new InCommon certificate, the wizard assumes that you are replacing the existing certificate. As a result, IIS also assumes you no longer want to use the existing certificate, leaving your site unavailable via https, an undesirable situation. However, you don't need to have your site unavailable while waiting for the certificate signing request to be processed by the certificate authority. You can use this information to get around this restriction in Windows: How to create a CSR without removing your current certificate in IIS

Apache httpd (Linux/Unix)

Requesting a new certificate

Follow these directions to generate a certificate signing request (CSR): CSR Generation: Using OpenSSL (Apache & mod_ssl, NGINX)

Installing a new certificate
Once you have been notified by InCommon that your certificate has been generated, follow these directions to install the certificate: Certificate Installation: Apache & mod_ssl Note that you should use the "X509 Certificate only, Base64 encoded" link to download the client certificate, and the "X509 Intermediates/root only Reverse, Base64 encoded" link to download the intermediate and rootcertificates, for use with httpd.

Tomcat (Windows)

The easiest method of getting SSL protection in Tomcat on Windows is to first request and install a certificate in IIS (even if no website is hosted by IIS), and the export the certificate from IIS, to import into Tomcat. To export an SSL certificate from IIS for use with Tomcat on Windows, follow these directions: Export SSL Certificate from IIS and Import into Tomcat

Tomcat (Linux/Unix)

To import an existing SSL key and certificate in Linux/Unix to Tomcat, follow these instructions: Importing existing SSL key and certificate for tomcat
  • No labels