|
cosign-discuss at umich.edu
|
general discussion of cosign development and deployment
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Using UM certificate for cosign
Konstantin,
1) Apply the Registry fix. Have you done this already?
2) Check your permissions then check them again then ask somebody else to
double-check for you. Restart IIS then try to access your web site. The
permissions are varied and plenty and many have stumbled because of it. :)
When you access the web site this will actually cause IISCoSign to load.
IIS 6.0 doesn't load the filter until it is needed.
3) I assure you, people have Windows 2003/IIS6 with IISCosign
up-and-running *besides me*!
4) dbmon.exe is a very useful program that IISCosign uses to report
non-log-file-worthy events. Run this before restarting IIS to see what
IISCosign is up to.
The private and public key is used for RSA public key cryptography. For an
overview of how things work, you can check this out:
<http://developer.netscape.com/tech/security/ssl/howitworks.html>
--Jarod Malestein
--University of Michigan
--ITCS
--On Tuesday, April 20, 2004 1:52 PM -0400 Konstantin Voyk
<kvoyk@xxxxxxxxx> wrote:
Hi,
I've tried install cosign filter on IIS 6 with Windows 2003 several times
in accordance with instructions in README. Cosign filter status is "Up"
but priority is *Unknown*. I looked with FileMonitor and it looks like
cosign.dll never accessed. I set up all permissions but there are no any
records in "Logs" directory.
Does somebody was able to make cosign work with IIS6 and W2003.
I don't think that this problems related to certificates but would
appreciate if you describe how cosign use .key file and .cert file.
Thank you for any advices.
Konstantin Voyk.
-----Original Message-----
From: jarod@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
[mailto:jarod@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx] On Behalf Of jarod@xxxxxxxxx
Sent: Monday, April 19, 2004 4:05 PM
To: Konstantin Voyk; cosign@xxxxxxxxx; 'Cosign Discussion'
Subject: Re: Using UM cerfificate for cosign
Konstantin,
(This response is assuming you're still working with IISCosign, yes?) If
you already have a UM-signed certificate all you need to do is change
some settings in your cosign.dll.config file.
<CAFilePath> should still point to umwebCA.pem.
<ChainFilePath> should indicate the folder where your certificate, *.cert
file, is.
<PrivateKeyFilePath> points to the location of the private key file.
Restart IIS and the new settings will be recognized by IISCosign.
--Jarod Malestein
--University of Michigan
--ITCS
--On Monday, April 19, 2004 10:45 AM -0400 Konstantin Voyk
<kvoyk@xxxxxxxxx> wrote:
>
>
> Hi Everybody,
>
> I have UM client/server certificate and would like use it for cosign.
> Could somebody explain me how can I do it or point me to a right source?
>
> Thank you,
>
>
>
> Konstantin Voyk
>
> (734) 615-3816
>
> kvoyk@xxxxxxxxx
>
> Infotech, Law School
>
> University of Michigan
>
>
|