STARFACE WIKI (English)

Seitenhierarchie

Suche

Versionen im Vergleich

Alte Version 1

changes.mady.by.user Redakteur 1

Gespeichert am

verglichen mit

Neue Version Aktuell

changes.mady.by.user Redakteur 4

Gespeichert am

Schlüssel

  • Diese Zeile wurde hinzugefügt.
  • Diese Zeile wurde entfernt.
  • Formatierung wurde geändert.
Kommentar: Titel standardisiert, QA

...

A certificate is required for the web server to use HTTPS. A provisional certificate is already stored in STARFACE. An entry mask opens when the button "New Certificate button" is pressed. Two pieces of information are required under all circumstances The following information is mandatory in this mask:

Field nameDescription
Server

...

nameThis information refers to the domain for which the certificate is to be valid.
SANThis information describes the alternative name, which is specified in the certificate and extends the validity by further domain names. This name does not have to be related to the basic domain (common name).
Days of

...

validityThis information refers to how long the certificate is to be valid for in days.

The domain name must be complete and correct, e.g. companyname.net (without https://). Generally speaking, a certificate is not valid for possible sub-domains, but what are known as “wildcard certificates” are an exception to this rule. To meet the purpose of a has no validity for any subdomains, whereby so-called wildcard certificates are an exception. In order to do justice to the meaning of a real server certificate, the certificate must be signed by a certificate an external certification authority (Certificate Authority or CA). A selection of recognized certificate certification authorities can be found in the settings of the web browser used. However, external certification is not mandatory if, for example, STARFACE is only accessible internally. The requirements and conditions of the respective certification bodies for this process must also be taken into account.

Hinweis
Note: Please also note the respective certificate authorities’ requirements and conditions for this processthat Private Keys cannot be imported via the web interface.

An encrypted file of the certificate is generated using the button "Certificate Request" button. The content of the window must be copied and sent to the selected certificate authority by e-mail. The certificate authority checks the application and sends the signed certificate back, generally by e-mail.

The signed certificate is imported using the button "Import Certificate Response" button; a new window with two text boxes opens during this process. The certificate authority’s signed certificate is copied to the top text box. Since the structure of the feedback from the various certification authorities can be very different, it is recommended that all received certificates (with the exception of except the root certificate of the certification authority) be copied together in the following form:

-----BEGIN CERTIFICATE-----
           CA ZertifikatCertificate
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
         Intermediate Zertifikat Certificate 1
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
          Intermediate Zertifikat Certificate 2
-----END CERTIFICATE-----

...