Listing 1: Encryption key pair generation in the server
sadr% /usr/local/ns-home/bin/https/admin/bin/sec-key
--------------------------------------------------------
| Netscape Communications Corporation |
| Key Pair File Generation |
--------------------------------------------------------
Welcome to the key pair file generator. With this program,
you can generate the public and private keys that your server
uses for secure communications.
First, the server needs to know where to put the new key.
You should NOT overwrite an existing key pair file!
Place the new key in a separate location. Make a note
of the new key's location! You will need it later when
you request a certificate.
Type a full pathname to the new keyfile's location:
The key will be placed in:
Next, a random seed must be generated that will be used in the
creation of your key pair file. One of the easiest ways to create
a random seed is to count the amount of time between keystrokes on
a keyboard.
To begin, type keys on the keyboard until this progress meter
is full. DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD!
|*******************************/ |
Continue typing until the progress meter is full:
Great! Press enter to continue.
Generating key. This may take a few minutes...
Done. Finally, enter a password which will be used to
encrypt the key pair file. You will use this password
when starting up and shutting down your server.
NOTE: Be sure to keep this password safe! If you must
write down the password, the physical safety of the
recording is your responsibility.
The password must be at least 8 characters long, and
must contain at least one non-alphabetic character in
it. It should not be a word in any dictionary.
Password:
Re-enter password:
Congratulations!
Your new key is in: /usr/local/ns-home/https-
sadr/config/ServerKey.db
-rw------- 1 root 32768 Mar 3 12:20 /usr/local/ns-
home/https-sadr/config/ServerKey.db
Now that you have generated a key, return to the sec-gkey form
and in the box for 'Key File Path', enter:
/usr/local/ns-home/https-sadr/config/ServerKey.db
and then generate your certificate.
|