Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
en:services:it_security:pki:start [2024/03/15 11:26] – [... from the GÉANT TCS PKI] thinderen:services:it_security:pki:start [2024/03/15 13:22] (current) – [... from the GÉANT TCS PKI] thinder
Line 41: Line 41:
  
 </WRAP> </WRAP>
-===== Apply for server certificate =====+===== Apply for server certificates... =====
  
-Call OpenSSL with the following Parameters+==== ... from the GÉANT TCS PKI ==== 
 +To request ACME External Account Binding Information for server certificates from the GÉANT TCS PKI, which is anchored in the client of the DFN of the GÉANT TCS PKI, send an e-mail to [[support@gwdg.de?subject=Request for ACME External Account Binding Information for the following server(s):&body=Dear Sir or Madam,%0A%0AI would like to request ACME External Account Binding information for the following server(s):%0A%0A|support@gwdg.de]] or use the [[https://www.gwdg.de/support|Support form]] of the GWDG. 
 + 
 +<WRAP center round download 80%> 
 +Once you have received the ACME External Account Binding information, you can automatically create the certificates for your servers. Instructions on how to do this can be found in the following GWDG News article: 
 +  - [[https://www.gwdg.de/documents/20182/27257/GN_3-2022_www.pdf#page=10|GWDG News 03|22]] - Part 4: Automated Creation of Server Certificates with Bot Software 
 +</WRAP> 
 +<WRAP center round important 60%> 
 +(currently only in German) 
 +</WRAP>
  
 ==== Unix/OS X ==== ==== Unix/OS X ====
 +<WRAP center round info 80%>
 +Call OpenSSL with the following Parameters
 +
 +</WRAP>
 +
 Simple Bash script... Simple Bash script...
 <code bash createcsr.sh>openssl req -newkey rsa:4096 -sha256 -keyout priv-key.pem -out certreq.pem</code> <code bash createcsr.sh>openssl req -newkey rsa:4096 -sha256 -keyout priv-key.pem -out certreq.pem</code>
Line 61: Line 75:
 ===== Apply for server certificate with OpenSSL.cnf ===== ===== Apply for server certificate with OpenSSL.cnf =====
  
 +<WRAP center round info 80%>
 Call OpenSSL with the following Parameters Call OpenSSL with the following Parameters
 +
 +</WRAP>
  
 ==== Unix/OS X ==== ==== Unix/OS X ====
Line 266: Line 283:
   - [[https://www.gwdg.de/documents/20182/27257/GN_12-2020_www.pdf#page=10|GWDG Nachrichten 12|20]] - Teil 2: Ein Blick hinter die Kulissen eines Teilnehmerservices   - [[https://www.gwdg.de/documents/20182/27257/GN_12-2020_www.pdf#page=10|GWDG Nachrichten 12|20]] - Teil 2: Ein Blick hinter die Kulissen eines Teilnehmerservices
   - [[https://www.gwdg.de/documents/20182/27257/GN_3-2021_www.pdf#page=8|GWDG Nachrichten 03|21]] - Teil 3: Das Programm GUIRA für den Teilnehmerservice   - [[https://www.gwdg.de/documents/20182/27257/GN_3-2021_www.pdf#page=8|GWDG Nachrichten 03|21]] - Teil 3: Das Programm GUIRA für den Teilnehmerservice
 +
 +<WRAP center round important 60%>
 +(currently only in German)
 </WRAP> </WRAP>
 +
 +</WRAP>
 +