PDA

View Full Version : Setting up SSL Key - Volume Question

kapow
01-15-2008, 08:38 PM
Hello yet again,
I'm attempting to setup an SSL key for my application which is based on the LAMP template according to the directions in http://doc.3tera.net/AppLogic2/CatGatewayInssl.html. There is a placeholder volume (ssl_key) on the INSSL appliance that is redirected to the assembly.
I am assuming I need to create a volume just to store the key as I cannot use any of the existing volumes. This seems like a fairly heavy thing to do just to store the key.
Is my assumption correct?
JosephD
01-16-2008, 06:46 PM
Your assumption is correct.

I know it may seem like a bit of over kill to create an entire volume dedicated to such a small amount of information,
but the applogic environment makes it very easy to configure, implement, and use a small volume like this.

What it does for you is makes your key separate from grid maintenance functions like a clean command...
Which will overwrite anything you may have changed on the volumes that come from the catalog.

Joseph
3tera
kapow
01-16-2008, 06:50 PM
Yes. I did exactly that and created a small volume of size 1M. It worked just as documented. Thanks!
kapow
01-17-2008, 07:52 PM
As I just noted in another thread, it should be noted that to get this volume to mount on the INSSL appliance, the file system for the newly created volume must be of type 'ext3' or it won't mount. The fstab on the INSSL appliance restricts it.
kuletog12
03-11-2008, 11:50 AM
hi ... after mounting the volume to INSSL ex: MYINSSL.key, how can I be sure that I'm saving the generated CSR (the CSR was generated in one WEB app connected to it) in the correct volume.


thanks
JosephD
03-11-2008, 05:01 PM
After sending the CSR in to get your CRT you have to make sure that you are putting it on the correct volume that was created and mounted to the INSSL appliance... You can log directly in to the INSSL appliance from the GUI or the commandline of your grid to manually verify it.

Here is the link on how to use this volume.

http://doc.3tera.net/AppLogic2/CatGatewayInssl.html

Joseph
3tera
PeterNic
03-14-2008, 10:24 AM
kuletog12,

You should put the server.pem file in the root directory of the key volume (i.e., copy it to the path displayed by the CLI when you mount the key volume).

Once you start the appliance, you can verify that the key is in the correct location by logging into the appliance and looking in the /mnt/key directory (as a convention, placeholder volumes are mounted under /mnt/<volname>).

Regards,
-- Peter