You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org> on 2006/09/19 05:12:22 UTC
[jira] Created: (GERONIMO-2413) Add a Certification Authority (CA)
portlet to Geronimo console
Add a Certification Authority (CA) portlet to Geronimo console
--------------------------------------------------------------
Key: GERONIMO-2413
URL: http://issues.apache.org/jira/browse/GERONIMO-2413
Project: Geronimo
Issue Type: New Feature
Security Level: public (Regular issues)
Components: console, security
Reporter: Vamsavardhana Reddy
Assigned To: Vamsavardhana Reddy
Fix For: 1.2, 1.x
A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2413) Add a Certification Authority
(CA) portlet to Geronimo console
Posted by "Paul McMahan (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=comments#action_12449436 ]
Paul McMahan commented on GERONIMO-2413:
----------------------------------------
Vamsi, Sorry it has taken me a while to look at this patch. I'm ready to look now but using GERONIMO-2413-v1.2.patch against trunk I get several HUNK failures. Can you generate a new patch?
patching file applications/console/geronimo-console-core/src/main/java/org/apache/geronimo/console/util/ManagementHelper.java
Hunk #2 FAILED at 124.
patching file configs/pom.xml
Hunk #1 FAILED at 175.
patching file modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java
Hunk #1 FAILED at 18.
Hunk #2 FAILED at 178.
patching file modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
Hunk #1 FAILED at 64.
Hunk #2 FAILED at 452.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, GERONIMO-2413-revised.patch, GERONIMO-2413-v1.1.x.patch, GERONIMO-2413-v1.2.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2413) Add a Certification Authority (CA)
portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=all ]
Vamsavardhana Reddy updated GERONIMO-2413:
------------------------------------------
Attachment: G-2413-v1.2-revised.patch
G-2413-v1.2-revised.patch:
There had been some updates to the related code. Please use this patch with trunk.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, G-2413-v1.2-revised.patch, GERONIMO-2413-revised.patch, GERONIMO-2413-v1.1.x.patch, GERONIMO-2413-v1.2.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Reopened: (GERONIMO-2413) Add a Certification Authority (CA)
portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=all ]
Vamsavardhana Reddy reopened GERONIMO-2413:
-------------------------------------------
I will be submitting a patch with more functionality. Additional functions include:
o Processing a certificate request based on SignedPublicKeyAndChallenge
o Portlet screens to view certificate requests stored in a "Certificate Request Store"
o A CA helper application that will enable submitting certificate requests from web browser, download issued certificates into web browser, etc.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, GERONIMO-2413-revised.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2413) Add a Certification Authority (CA)
portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=all ]
Vamsavardhana Reddy updated GERONIMO-2413:
------------------------------------------
Attachment: GERONIMO-2413.patch
GERONIMO-2413.patch:
Certification Authority portlet with the following functions:
1. Setup Certification Authority: Lets the user input CA details and initialize the CA. CA's keys are stored and accessed using KeystoreGBean.
2. Lock and Unlock CA
3. View CA Details: Shows the details of the CA's certificate etc.
3. Issue New Certificate: Processes a CSR and issues a certificate
4. View Issued Certificate: Previously issued certificates can be viewed by providing the serial number.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Assigned To: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: GERONIMO-2413.patch
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2413) Add a Certification Authority
(CA) portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=comments#action_12450120 ]
Vamsavardhana Reddy commented on GERONIMO-2413:
-----------------------------------------------
I would like this portlet to be in 1.2 release. Thanks to all who have reviewed the patch and voted. If others do not have any concerns/issues, I will commit this before 1.2 branch is created or in 48 hours, which ever is earlier.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, G-2413-v1.2-revised.patch, GERONIMO-2413-revised.patch, GERONIMO-2413-v1.1.x.patch, GERONIMO-2413-v1.2.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2413) Add a Certification Authority
(CA) portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=comments#action_12440341 ]
Vamsavardhana Reddy commented on GERONIMO-2413:
-----------------------------------------------
Excerpt from my first comment:
Certification Authority portlet with the following functions:
1.
2.
3.
another 3.
4 ...
I seem to have "counting problems" :o(. But, you can definitely count on me :o)
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, GERONIMO-2413-revised.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2413) Add a Certification Authority (CA)
portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=all ]
Vamsavardhana Reddy updated GERONIMO-2413:
------------------------------------------
Attachment: GERONIMO-2413-v1.2.patch
GERONIMO-2413-v1.2.patch: Includes CA portlet and CA Helper application.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, GERONIMO-2413-revised.patch, GERONIMO-2413-v1.2.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2413) Add a Certification Authority
(CA) portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=comments#action_12449898 ]
Vamsavardhana Reddy commented on GERONIMO-2413:
-----------------------------------------------
Hi Paul,
I have uploaded a new patch G-2413-v1.2-revised.patch.
Thanks,
Vamsi
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, G-2413-v1.2-revised.patch, GERONIMO-2413-revised.patch, GERONIMO-2413-v1.1.x.patch, GERONIMO-2413-v1.2.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2413) Add a Certification Authority (CA)
portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=all ]
Vamsavardhana Reddy updated GERONIMO-2413:
------------------------------------------
Attachment: GERONIMO-2413-v1.1.x.patch
GERONIMO-2413-v1.1.x.patch: For those who want to try out the CA portlet on 1.1.x codebase.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, GERONIMO-2413-revised.patch, GERONIMO-2413-v1.1.x.patch, GERONIMO-2413-v1.2.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2413) Add a Certification Authority (CA)
portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=all ]
Vamsavardhana Reddy updated GERONIMO-2413:
------------------------------------------
Assignee: (was: Vamsavardhana Reddy)
Unassigning so that a committer can pickup.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: security, console
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: GERONIMO-2413.patch
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2413) Add a Certification Authority (CA)
portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=all ]
Vamsavardhana Reddy updated GERONIMO-2413:
------------------------------------------
Attachment: GeronimoCA.zip
GeronimoCA.zip: More screenshots.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: security, console
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, GERONIMO-2413-revised.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2413) Add a Certification Authority (CA)
portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=all ]
Vamsavardhana Reddy updated GERONIMO-2413:
------------------------------------------
Attachment: GERONIMO-2413-revised.patch
GERONIMO-2413-revised.patch: Please use GERONIMO-2413-revised.patch instead of GERONIMO-2413.patch . TortoiseSVN has duplicated the newly added files in GERONIMO-2413.patch
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: security, console
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: GERONIMO-2413-revised.patch, GERONIMO-2413.patch
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2413) Add a Certification Authority
(CA) portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=comments#action_12443025 ]
Vamsavardhana Reddy commented on GERONIMO-2413:
-----------------------------------------------
How do you remove/edit CA info once configured?
During the setup, CA (let me call it Geronimo CA) uses a self-signed certificate. If Geronimo CA decides to get certified by another CA, Geronimo CA can import its certificate into 'ca-keystore' using the keystore portlet. If Geronimo CA's certificate changes, it should be published again using the "Publish CA Certificate" link in CA Portlet.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, GERONIMO-2413-revised.patch, GERONIMO-2413-v1.2.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-2413) Add a Certification Authority (CA)
portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=all ]
Vamsavardhana Reddy updated GERONIMO-2413:
------------------------------------------
Attachment: 02.ca-initialization-enter-details.JPG
07.issue-certificate-show-csr-details.JPG
09.issue-certificate-successful.JPG
Screenshots attached.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: security, console
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, GERONIMO-2413-revised.patch, GERONIMO-2413.patch
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2413) Add a Certification Authority
(CA) portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=comments#action_12438389 ]
Vamsavardhana Reddy commented on GERONIMO-2413:
-----------------------------------------------
Don't forget to apply GERONIMO-2436-v1.2.patch before trying the CA portlet.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Assigned To: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: GERONIMO-2413.patch
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2413) Add a Certification Authority
(CA) portlet to Geronimo console
Posted by "Hernan Cunico (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=comments#action_12441843 ]
Hernan Cunico commented on GERONIMO-2413:
-----------------------------------------
I am almost done testing with Tomcat on trunk (1.2).
How do you remove/edit CA info once configured?
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, GERONIMO-2413-revised.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-2413) Add a Certification Authority
(CA) portlet to Geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-2413?page=comments#action_12442928 ]
Vamsavardhana Reddy commented on GERONIMO-2413:
-----------------------------------------------
Here is a scenario I have tested.
Step 1. Setup CA by entering CA Name details etc.
Step 2. Generate a CSR from geronimo-default keystore and process the server certificate request using "Issue New Certificate" link in CA portlet.
Step 3. Import CA's certificate as trusted and the CA reply.
Step 4. Setup an HTTPS Connector configured for client authentication.
Step 5. Start the CA Helper application from "Web App WARs" portlet
In a second browser window,
Step 6. Access the CA Helper Application at http://localhost:8080/CAHelper through a web browser that supports KEYGEN tag. Internet Explorer does not support KEYGEN tag.
Step 7. Submit a Certificate Request through web brower using "Request Certificate" link. Upon submission the request shows up in "Requests to be verified" page in CA portlet. NOTE: Make a note of the request id as it will be required to download the cerfiticate issued by the CA.
In CA portlet,
Step 8. Approve the request through CA portllet using "Requests to be verified" link. Approved requests showup in "Requests to be fulfilled" page.
Step 9. Process the request from "Requests to be fulfilled" page and issue certificate.
In the CA Helper window,
Step 10. Import CA's certificate into web browser suing "Download CA certificate" link.
Step 11. Install personal certificate using the "Download Certificate" link and request id from Step 7 above.
Step 12. Access the verify certificate link to verify that the certificate is downloaded and installed.
Summary of the scenario: CA is setup; a certificate request is submitted through web browser and issued certificate is downloaded into the web browser.
> Add a Certification Authority (CA) portlet to Geronimo console
> --------------------------------------------------------------
>
> Key: GERONIMO-2413
> URL: http://issues.apache.org/jira/browse/GERONIMO-2413
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: console, security
> Reporter: Vamsavardhana Reddy
> Fix For: 1.2, 1.x
>
> Attachments: 02.ca-initialization-enter-details.JPG, 07.issue-certificate-show-csr-details.JPG, 09.issue-certificate-successful.JPG, GERONIMO-2413-revised.patch, GERONIMO-2413-v1.2.patch, GERONIMO-2413.patch, GeronimoCA.zip
>
>
> A Certification Authority portlet will be very useful. A full fledged CA may be a long way to go. But what ever minimum function is required to process CSR's etc. is not hard and the users can issue their own digital certificates instead of getting trial certificates from some CA.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira