RE: IIS6 Cosign installer

[Jarod Malestein <jarod@xxxxxxxxx>]

If anybody else notices that the installer doesn't create a private key and 
certificate signing request, please let me know.  I went through a fresh 
install process and was unable to create this behavior.

However, if the installer happens to fail to create your key and csr, all 
is not lost.  You can still do it manually and it's pretty straightforward.

An addendum to the instructions below (found in the readme.txt file): you 
will need to edit the umconfig.cfg before generating the csr!  After 
opening umconfig.cfg it should be pretty clear what to change.  (For 
example: replace INSERTSTATE with Michigan or Pennsylvania. :)  Since 
umconfig.cfg will be edited directly you will not be prompted to enter this 
info as described in step 3.  Also, replace all references below to U-M and 
umich.edu with your organization.  Sorry this hasn't been generic-ified yet.

--Jarod

+--== Using Openssl.exe to create certificates ==--+

If you skipped the auto-generating cert feature of the installer you can
still use the openssl utility to do this.

1) Open a command prompt and cd to your IISCosign folder.  Assuming you
  opted to install the openssl component you should see the openssl
  executable in this folder.

2) Run the following commands:

openssl genrsa 1024 > [server.name.umich.edu].key

openssl req -new -config umconfig.cfg -key [server.name.umich.edu].key -out 
[server.name.umich.edu].csr

3) When prompted for information, please provide the appropriate data. The
  common name will be the name of your server and the contact e-mail
  should be the e-mail of the person to be notified when the certificate
  is about to expire.

4) Send an e-mail to webmaster@xxxxxxxxxx Cut-and-paste the contents of the
  *.csr file into your e-mail.

5)  Place the UmWebCA.pem file, *.key file you generated, and the *.cert 
file
   you receive from the webmaster into your C:\[cosign path]\SSL\ folder.

6)  Update your XML configuration file to point to these files.

   The CAFilePath item points to the umwebca.pem file.

   The ChainFilePath item specifies the [yourservername].cert file that you
   received from the U-M webmaster.

   The PrivateKeyFilePath item points to the [yourservername].key private
   key file that you generated. Be sure to include the full path such as
    C:\Program Files\CosignFilter\SSL\servername.key.

7)  See +What to do next+ section of this readme.


--On Thursday, October 07, 2004 6:41 AM -0400 Konstantin Voyk 
<kvoyk@xxxxxxxxx> wrote:

> Jarod,
> This is new installation and I ran certificate creation wizard but I
> dind't get any *.key or *.csr files in installation IISCosign folder and
> appropriate subfolders. I did it twice.
> Konstantin.
>
> -----Original Message-----
> From: jarod@xxxxxxxxxxxxxx [mailto:jarod@xxxxxxxxxxxxxx] On Behalf Of
> Jarod Malestein
> Sent: Wednesday, October 06, 2004 4:43 PM
> To: Konstantin Voyk; cosign-discuss@xxxxxxxxx
> Subject: Re: IIS6 Cosign installer
>
>
> Were you upgrading from a previous version of IISCosign or were you
> installing on a machine that did not have an earlier version of IISCosign?
>
> The files that should be created by the installer, assuming you go
> through  the automatic cert creation, are a certificate signing request
> (*.csr) and  a private key (*.key).
>
> --Jarod
>
> --On Wednesday, October 06, 2004 7:48 AM -0400 Konstantin Voyk
> <kvoyk@xxxxxxxxx> wrote:
>
> > Hi everybody,
> > I downloaded and ran new installer IISCosignInstaller 1.1.0 RC1. I
> > passed installation    and creation certificate request part but didn't
> > find any .cer file in IISCosing folders. Is it bug there in
> > installation package or I did something wrong?
> > Thank you,
> > Konstantin Voyk.
> > LawIT
> >
> >
> >