rhn-o rg -trusted -ssl -cert-VER-REL. no arch. rpm: the RPM prepared for distribution to
client systems.
This file contains the CA SSL public certificate (above) and installs it as /usr/share/rhn/R HN-
O R G -T R UST ED -SSL-C ER T
rhn-ca-o penssl . cnf: the SSL CA configuration file.
l atest. txt: lists the latest versions of the relevant files.
When this process is complete, distribute the RPM file to the client systems. See Section 3.3,
“ D eploying the CA SSL Public Certificate to Clients” for more information.
3.2.4 . Generat ing Web Server SSL Key Set s
At this point, a CA SSL key pair should already be generated. However there is a likelihood of
generating web server SSL key sets more frequently, especially if more than one Proxy or Satellite is
deployed. A distinct set of SSL keys and certificates must be generated and installed for every distinct
Satellite or Proxy server host name. The value for --set-ho stname is therefore different for each
server.
The server certificate build process works in a similar fashion to CA SSL key pair generation, with
one exception: All server components are saved in subdirectories of the build directory. These
subdirectories reflect the build system's machine name, such as /ro o t/ssl -
bui l d /MAC HINE_NAME. To generate a server certificate, run the following command.
Important
Replace the example values with those appropriate for your organization.
The following is a single command. Ensure you enter it all on one line.
# rhn-ssl-tool --gen-server \
--password=MY_CA_PASSWORD \
--dir="/root/ssl-build" \
--set-state="MY_STATE" \
--set-city="MY_CITY"
--set-org="Example Inc." \
--set-org-unit="MY_ORG_UNIT" \
--set-email="admin@example.com" \
--set-hostname="machinename.example.com"
This command generates the following relevant files in a machine-specific subdirectory of the build
directory:
server. key: the Web server's SSL private server key.
server. csr: the Web server's SSL certificate request.
server. crt: the web server's SSL public certificate.
rhn-o rg -httpd -ssl -key-pai r-MACHINE_NAME-VER-REL. no arch. rpm: the RPM prepared
for distribution to Satellite and Proxy Servers. Its associated src. rpm file is also generated.
(90 pages)
(32 pages)
(60 pages)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels