Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
png
alias.png 26.1 kB 1 05-Dec-2023 05:32 Ben Spink
png
bits.png 28.7 kB 1 05-Dec-2023 05:32 Ben Spink
png
cacerts_pass.png 13.9 kB 1 05-Dec-2023 05:32 Ben Spink
png
cert_info.png 52.4 kB 1 05-Dec-2023 05:32 Ben Spink
png
csr.png 47.2 kB 1 05-Dec-2023 05:32 Ben Spink
png
generate_keypair.png 45.8 kB 1 05-Dec-2023 05:32 Ben Spink
png
import_cert.png 48.6 kB 1 05-Dec-2023 05:32 Ben Spink
png
import_reply.png 26.5 kB 1 05-Dec-2023 05:32 Ben Spink
png
jks.png 34.4 kB 1 05-Dec-2023 05:32 Ben Spink
png
new_keystore.png 43.6 kB 1 05-Dec-2023 05:32 Ben Spink
png
password.png 29.3 kB 1 05-Dec-2023 05:32 Ben Spink
png
portecle.jar.png 37.4 kB 1 05-Dec-2023 05:32 Ben Spink
png
portecle_options.png 23.6 kB 1 05-Dec-2023 05:32 Ben Spink
png
save.png 48.1 kB 1 05-Dec-2023 05:32 Ben Spink
png
save_csr.png 72.6 kB 1 05-Dec-2023 05:32 Ben Spink

This page (revision-15) was last changed on 05-Dec-2023 05:32 by Ben Spink

This page was created on 05-Dec-2023 05:32 by Ben Spink

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 1 changed one line
Portecle is a free open source program that can help with certificate management.
Portecle is a free open source program that can help with certificate management. [http://portecle.sourceforge.net/]
At line 3 changed one line
[http://portecle.sourceforge.net/]
Portecle runs on any OS. Here is a guide on creating a new certificate.
At line 5 changed one line
Here is a guide on creating a new certificate.
If you are renewing a certificate, skip the steps below that are only for a new certificate.
At line 9 added 86 lines
Run portecle directly from the portecle website. Click the link to download, and run the application. (Portecle requires java to be installed on your machine to run.)\\
\\
Select new keystore from the file menu. (***New certificates only.)
[attachments|new_keystore.png]
Use the default JKS format. (***New certificates only.)
[attachments|jks.png]
Now, select generate key pair from the tools menu. (***New certificates only.)
[attachments|generate_keypair.png]
Select your bit strength. (***New certificates only.)
[attachments|bits.png]
Fill in the information about you or your company. Make sure the common name is your website host address. (***New certificates only.)
[attachments|cert_info.png]
Use an alias name that is the default of your website name. (***New certificates only.)
[attachments|alias.png]
Use a password that will be used again later for the keystore password. Make it the same. (***New certificates only.)
----
!!!SAVE YOUR KEYSTORE NOW! The CSR you make, all the other files you get, etc are all garbage if you loose this private key and your keystore. Save now, don't loose the keystore. You will need it after you get the signed cert back later on.
----
[attachments|password.png]
Now right click on your key pair and select generate certification request.
[attachments|csr.png]
Save the csr to your desktop or somewhere else.
[attachments|save_csr.png]
Get your CSR signed by your certificate authority. (This process is different for every cert authority. But the files you download after they have signed it should be in the Java or Tomcat format for simplicity. Do not get a bundle, but get the individual files.)
Now import the certificates given to you by your certificate authority. These are usually things like root, or intermediate, etc. (***New certificates only.)
[attachments|import_cert.png]
Now be sure to trust the certificate authorities builtin certificate, or else this next step will fail Go to the tools menu in Portecle, and select Options. Enable 'Use CA Certs Keystore'.
[attachments|portecle_options.png]
Now, import the "signed" version of your certificate file using the right click Import CA Reply menu.
[attachments|import_reply.png]
The next popup will be a request for you to enter the password for your CA Certs keystore file. The password here is 'changeit'. Enter that.
[attachments|cacerts_pass.png]
After this you may be asked for your cert password from the earlier steps. Enter it if prompted.
\\
\\
And finally, save your keystore with a .jks extension if its .jks or if its a pkcs12 format, then use .pfx for the extension.
[attachments|save.png]
Now you can reference this keystore in CrushFTP under the server preferences, Encryption, SSL tab. Or you can set it specifically on the advanced tab of a particular port.
\\
On some OS the Unlimited JCE plugins for Java do not install as part of JRE7 by default.
These policy files must be downloaded manually and installed in your Java lib/security folder.
Java6: [http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html] \\
Java7: [http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html] \\
You may also search google for: 'java unlimited cryptography policy files'
OS X Java 6 install location: /System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Home/lib/security/ \\
OS X Java 7 install location: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/ \\
Windows install location: C:\Program Files\Java\jre6\lib\security\ or C:\Program Files\Java\jre7\lib\security\
Once this has been done, edit the cipher list in the server prefs SSH port item, SSH tab to duplicate the AES128 ciphers and replace the 128 with 256.
Version Date Modified Size Author Changes ... Change note
15 05-Dec-2023 05:32 4.185 kB Ben Spink to previous
14 05-Dec-2023 05:32 4.245 kB Ben Spink to previous | to last
13 05-Dec-2023 05:32 3.986 kB Halmágyi Árpád to previous | to last
12 05-Dec-2023 05:32 3.988 kB Halmágyi Árpád to previous | to last
11 05-Dec-2023 05:32 3.984 kB Halmágyi Árpád to previous | to last
10 05-Dec-2023 05:32 3.966 kB Halmágyi Árpád to previous | to last
9 05-Dec-2023 05:32 3.962 kB Halmágyi Árpád to previous | to last
8 05-Dec-2023 05:32 3.017 kB Ben Spink to previous | to last
7 05-Dec-2023 05:32 2.685 kB Ben Spink to previous | to last
6 05-Dec-2023 05:32 2.22 kB Ben Spink to previous | to last
5 05-Dec-2023 05:32 2.127 kB Ben Spink to previous | to last
4 05-Dec-2023 05:32 2.124 kB Ben Spink to previous | to last
3 05-Dec-2023 05:32 1.842 kB Ben Spink to previous | to last
2 05-Dec-2023 05:32 1.665 kB Ben Spink to previous | to last
1 05-Dec-2023 05:32 0.182 kB Ben Spink to last
« This page (revision-15) was last changed on 05-Dec-2023 05:32 by Ben Spink
G’day (anonymous guest)
CrushFTP11 | What's New
JSPWiki