Configuring for ssl, Overview, Generate a certificate request – VBrick Systems Portal Server ETV v4.1 User Manual
Page 103: Chapter 5
ETV Portal Server Admin Guide
93
Chapter 5
Configuring for SSL
Overview
Secure Sockets Layer (SSL) provides endpoint authentication and communications privacy
over the Internet using cryptography. Whenever there is a concern regarding confidentially
and integrity of management data being sent between ETV Portal Server and external clients,
the ETV Portal Server user login page and all admin pages should be configured with a digital
X.509 certificate to enable SSL encryption. When SSL encryption is enabled, the Portal
Server only encrypts the Login pages and/or the Admin pages. The actual video streams are
never encryped. When SSL is enabled, the following elements can be encrypted:
•
MCS Admin Console – All MCS Admin Console pages are encrypted to protect
management information and other sensitive data.
•
MCS User Portal – Only the Login page (including the user ID and password) are
encrypted. The video streams are not encrypted.
•
LDAP Server – If using LDAP authentication, communications between the Portal
Server and the LDAP Server can be encrypted by enabling encryption on the LDAP
server.
By convention, URLs that require an SSL connection start with
https
instead of
http
. The
steps briefly listed here, and explained in detail on the following pages, explain how to set up
and use SSL on the Portal Server.
T
To set up SSL for client access to the ETV Portal Server:
1. Generate a Certificate Request.
2. Submit a Certificate Request.
3. Install the Certificate on the ETV Portal Server.
4. Configure ETV Resources for SSL.
1. Generate a Certificate Request
If your company does not have a X.509 certificate, or does not have a one for the ETV Portal
Server, a new certificate request must first be created.
T
To generate a certificate request:
1. From the ETV Portal Server, start the Microsoft Internet Information Services (IIS)
Manager.
2. Expand the server name and select the web site for which the certificate will be installed.
3. Right-click the web site, and then click
Properties
.
4. Select the
Directory Security
tab.
5. Select the
Server Certificate
button within
Secure
communications to launch the Web
Server Certificate Wizard.
6. Select
Next
on the Welcome dialog box.