eScan Blog
eScan Website
eScan Forum
eScan Feeds From eScan Wiki
(Difference between revisions)
| Revision as of 07:07, 12 October 2010 WikiSysop (Talk | contribs) ← Previous diff |
Current revision WikiSysop (Talk | contribs) (→How To ?) |
||
| Line 1: | Line 1: | ||
| - | ==<B><font size=3>Index</font><span id="topindex"></span></B>== | + | {| class="wikitable" border="0" |
| + | |- | ||
| + | {| id="mp-topbanner" style="width:100%; background:#fcfcfc; margin-top:1.2em; border:1px solid #ccc;" | ||
| + | | style="width:10%; color:#000;" | | ||
| + | {| style="width:100px; border:none; background:none;" | ||
| + | | [[Image:escan-g.jpg]] | ||
| + | |} | ||
| + | |style="text-align:left;"|'''·''' [[Escan/english/FAQ-eScan|<font size=1.5 color="blue" | ||
| - | ==How To ?== | + | align="left">eScan</font>]] '''·''' [[Escan/english/MailScan-AFT|<font size=1.5 |
| - | # [[#anchor1|<font color="blue">How to update MWAV utility?</font>]] | + | color="blue">MailScan</font>]] '''·''' [[Escan/english/Technologies|<font size=1.5 |
| + | color="blue">Technologies</font>]] | ||
| + | |style="text-align:right;"| '''·''' [[Technical Info|<font size=1.5 color="blue">Technical | ||
| + | Info</font>]] '''·''' [[Escan/english/Security_Awareness|<font size=1.5 color="blue">Security | ||
| + | Awareness</font>]] '''·''' [[User_Guides|<font size=1.5 color="blue">User Guides</font>]] | ||
| + | |} | ||
| + | <h2 id="mp-tfp-h2" style="margin:0; background:#95C33D; font-size:120%; font-weight:bold; border:10 solid #afa3bf; text-align:left; color:#000; padding:0.2em 0.4em">Generating a Certificate Signing Request (CSR)</h2> | ||
| + | {| class="wikitable" border="0" | ||
| + | |} | ||
| - | # '''How to update MWAV utility?'''<span id="anchor1"></span><br/><br/>'''Answer:'''<br/> | ||
| - | <br><br>To update '''MWAV utility''', please follow the below steps:<br><br> | + | '''For Apache''' |
| - | :1. Run MWAV utility.<br> | + | |
| - | :2. Then you will get following screen:<br> | + | |
| - | [[Image:mwav.jpg|image|center|600px]]<br/> | + | <B>Scenario:</B> The customer wants to have eScan Webconsole on HTTPS with a valid SSL |
| - | ::Just click on the '''update''' button, like shown in the above screen ( Circled with red color ). Clicking on '''Update''' button will start downloading the updates for MWAV.<br> | + | certificate (not a self-signed certificate), but has only the .pfx file for the SSL certificate, does not |
| - | <br><br><U><B>Note:</B></U> If eScan or MailScan is installed then update button will be grayed out, as shown in the below screen. The reason being MWAV take the updates from eScan or MailScan if they are installed.<br><br> | + | have the .crt/.cer and the .key files. |
| - | [[Image:mwav1.jpg|image|center|400px]]<br/><div style="text-align: right;">[[#topindex|<font color=“blue”>Back to Top</font>]]</div><br/><ol start="2"> | + | |
| + | <B> What we need for running our eScan Webconsole on HTTPS with a valid SSL certificate.</B> | ||
| + | # webconsole.cer | ||
| + | # webconsole.key | ||
| + | # ca.cer file | ||
| + | |||
| + | |||
| + | <B> How to extract .crt and .key files from .pfx file? </B> | ||
| + | # Create a folder named “certs” in the C drive root and copy available .pfx to this folder Eg: yourfile.pfx | ||
| + | # Open the command prompt and go to \MicroWorld\apache2\bin folder. | ||
| + | # Run the following command to extract the certificate: <B>openssl pkcs12 -in C:\certs\yourfile.pfx -clcerts -nokeys -out C:\certs\your_domain.crt</B> | ||
| + | # Run the following command to extract the private key: <B>openssl pkcs12 -in C:\certs\yourfile.pfx -nocerts -out C:\certs\enc_domain.key</B> You will be prompted to type the import password. Ask the customer to type the password that he used to protect the keypair while creating the .pfx file. You will be prompted again to provide a new password to protect the .key file that you are creating. Store the password to your key file in a secure place to avoid misuse. | ||
| + | #Run the following command to decrypt the private key: <B>openssl rsa -in C:\certs\enc_domain.key -out C:\certs\dec_domain.key</B> You will be prompted to type the password. Type the password that you set in step 4 to protect the .key file. | ||
| + | # Now export the your_domain.crt to webconsole.cer. <B>Refer below link to know how to export </B>https://support.comodo.com/index.php?/Knowledgebase/Article/View/361/17/how-do-i-convert-crt-file-into-the-microsoft-cer-format | ||
| + | # Get the ca.crt or ca.cer file from the SSL certificate provider. If you have the ca.crt file export it to ca.cer file. | ||
| + | # Rename the <B>dec_domain.key</B> to <B>webconsole.key</B> | ||
| + | # Stop the eScan-apache service. | ||
| + | # Rename the files ca.cer, webconsole.cer and webconsole.key from the “MicroWorld\apache2\bin\ssl” folder to ca.cer_ss, webconsole.cer_ss and webconsole.key_ss respectively. | ||
| + | # Copy the files ca.cer, webconsole.cer and webconsole.key from the C:\certs\ folder to the “MicroWorld\apache2\bin\ssl” folder. | ||
| + | # Start the eScan-apache service. | ||
Current revision
| · eScan · MailScan · Technologies | · Technical Info · Security Awareness · User Guides |
[edit]
Generating a Certificate Signing Request (CSR)
For Apache
Scenario: The customer wants to have eScan Webconsole on HTTPS with a valid SSL
certificate (not a self-signed certificate), but has only the .pfx file for the SSL certificate, does not
have the .crt/.cer and the .key files.
What we need for running our eScan Webconsole on HTTPS with a valid SSL certificate.
- webconsole.cer
- webconsole.key
- ca.cer file
How to extract .crt and .key files from .pfx file?
- Create a folder named “certs” in the C drive root and copy available .pfx to this folder Eg: yourfile.pfx
- Open the command prompt and go to \MicroWorld\apache2\bin folder.
- Run the following command to extract the certificate: openssl pkcs12 -in C:\certs\yourfile.pfx -clcerts -nokeys -out C:\certs\your_domain.crt
- Run the following command to extract the private key: openssl pkcs12 -in C:\certs\yourfile.pfx -nocerts -out C:\certs\enc_domain.key You will be prompted to type the import password. Ask the customer to type the password that he used to protect the keypair while creating the .pfx file. You will be prompted again to provide a new password to protect the .key file that you are creating. Store the password to your key file in a secure place to avoid misuse.
- Run the following command to decrypt the private key: openssl rsa -in C:\certs\enc_domain.key -out C:\certs\dec_domain.key You will be prompted to type the password. Type the password that you set in step 4 to protect the .key file.
- Now export the your_domain.crt to webconsole.cer. Refer below link to know how to export https://support.comodo.com/index.php?/Knowledgebase/Article/View/361/17/how-do-i-convert-crt-file-into-the-microsoft-cer-format
- Get the ca.crt or ca.cer file from the SSL certificate provider. If you have the ca.crt file export it to ca.cer file.
- Rename the dec_domain.key to webconsole.key
- Stop the eScan-apache service.
- Rename the files ca.cer, webconsole.cer and webconsole.key from the “MicroWorld\apache2\bin\ssl” folder to ca.cer_ss, webconsole.cer_ss and webconsole.key_ss respectively.
- Copy the files ca.cer, webconsole.cer and webconsole.key from the C:\certs\ folder to the “MicroWorld\apache2\bin\ssl” folder.
- Start the eScan-apache service.
