EJBCA User guide

Sat, 08 Oct 2005 09:10:00 GMT

摘要: User guide About Security Upgrade Quick start guide Prerequisites Configure Install Running optional tests After the installation Administrating EJBCA Creating more CAs ... 阅读全文

Java与RFID中间�?/a> 2005-10-08 17:10 发表评论

Sat, 08 Oct 2005 09:05:00 GMT

一准备工作(本文档中的�\径均为我自己在安装时的�\�?

使用EJBCA集成的数据库,所有可以不安装数据�?BR>安装JDK1.4.*,讄��JAVA_HOME=C:\j2sdk1.4.2_02;讄��classpath=C:\j2sdk1.4.2_02\lib;讄��path=C:\j2sdk1.4.2_02\bin;
安装ANT,下蝲安装�?解压�~�到安装路径,讄��ANT_HOME=C:\apache-ant-1.6.1;讄��path=C:\apache-ant-1.6.1\bin;(一般ANT的安装没有什么问题的)
安装JBOSS,下蝲安装�?解压�~�到安装路径,讄��JBOSS_HOME=C:\jboss-3.2.5,启动JBOSS(�q�行JBOSS_HOME\bin\run.bat),�?A href="http://localhost:8080讉K��,出现JBOSS的相关信�?�q�表�C�JBOSS安装成功/" target=_blank>http://localhost:8080讉K��,出现JBOSS的相关信�?�q�表�C�JBOSS安装成功/
��C��载JDK的地方下载一�?"Unlimited Strength Jurisdiction Policy Files",解压�~�之后得��C��个JCE文�g�?��里面的两个文�g复制到系�l�默认得jre环境的lib\security下面覆盖原来的两个文�?(我安装时��这两个文�g复制到JAVA_HOME\jre\lib\security 下面install旉��不�q?攑ֈ�了C:\Program Files\Java\j2re1.4.2_02\lib\security 下面 install才顺利进�?

装好�q�些之后,最好重启机�?让ejbca扑־�到JBOSS_HOME

�?ant build.xml �q�程
�q�行 cmd 到ejbca 的安装目录下,�q�行ant

C:\ejbca>ant (ant 会根�?ejbca �?build.xml文�g,创徏 �~�译打包复制文�g)
Buildfile: build.xml

init:
[mkdir] Created dir: C:\ejbca\tmp\classes
[mkdir] Created dir: C:\ejbca\dist

compile:
[javac] Compiling 462 source files to C:\ejbca\tmp\classes
[copy] Copying 466 files to C:\ejbca\src\java

apply.war:
[mkdir] Created dir: C:\ejbca\tmp\publicweb\apply.war
[copy] Copying 20 files to C:\ejbca\tmp\publicweb\apply.war
[copy] Copying 43 files to C:\ejbca\tmp\publicweb\apply.war\WEB-INF\classe

[jar] Building jar: C:\ejbca\dist\apply.war

status.war:
[mkdir] Created dir: C:\ejbca\tmp\publicweb\status.war
[copy] Copying 1 file to C:\ejbca\tmp\publicweb\status.war
[copy] Copying 25 files to C:\ejbca\tmp\publicweb\status.war\WEB-INF\class
s
[jar] Building jar: C:\ejbca\dist\status.war

webdist.war:
[mkdir] Created dir: C:\ejbca\tmp\publicweb\webdist.war
[copy] Copying 7 files to C:\ejbca\tmp\publicweb\webdist.war
[copy] Copying 47 files to C:\ejbca\tmp\publicweb\webdist.war\WEB-INF\clas
es
[jar] Building jar: C:\ejbca\dist\webdist.war

ca.jar:
[mkdir] Created dir: C:\ejbca\tmp\ca\ca.jar
[copy] Copying 435 files to C:\ejbca\tmp\ca\ca.jar
[jar] Building jar: C:\ejbca\dist\ca.jar

log.jar:
[mkdir] Created dir: C:\ejbca\tmp\log.jar
[copy] Copying 10 files to C:\ejbca\tmp\log.jar
[copy] Copying 23 files to C:\ejbca\tmp\log.jar
[jar] Building jar: C:\ejbca\dist\log.jar

authorization.jar:
[mkdir] Created dir: C:\ejbca\tmp\authorization.jar
[copy] Copying 9 files to C:\ejbca\tmp\authorization.jar
[copy] Copying 90 files to C:\ejbca\tmp\authorization.jar
[jar] Building jar: C:\ejbca\dist\authorization.jar

hardtoken.jar:
[mkdir] Created dir: C:\ejbca\tmp\hardtoken.jar
[copy] Copying 9 files to C:\ejbca\tmp\hardtoken.jar
[copy] Copying 64 files to C:\ejbca\tmp\hardtoken.jar
[jar] Building jar: C:\ejbca\dist\hardtoken.jar

keyrecovery.jar:
[mkdir] Created dir: C:\ejbca\tmp\keyrecovery.jar
[copy] Copying 10 files to C:\ejbca\tmp\keyrecovery.jar
[copy] Copying 28 files to C:\ejbca\tmp\keyrecovery.jar
[jar] Building jar: C:\ejbca\dist\keyrecovery.jar

ra.jar:
[mkdir] Created dir: C:\ejbca\tmp\ra.jar
[copy] Copying 11 files to C:\ejbca\tmp\ra.jar
[copy] Copying 94 files to C:\ejbca\tmp\ra.jar
[jar] Building jar: C:\ejbca\dist\ra.jar

adminweb.war:
[mkdir] Created dir: C:\ejbca\tmp\adminweb.war
[copy] Copying 95 files to C:\ejbca\tmp\adminweb.war
[copy] Copying 13 files to C:\ejbca\tmp\adminweb.war\WEB-INF\classes
[jar] Building jar: C:\ejbca\dist\adminweb.war

ca.ear:
[mkdir] Created dir: C:\ejbca\tmp\ca\ear
[copy] Copying 1 file to C:\ejbca\tmp\ca\ear\ear
[copy] Copying 7 files to C:\ejbca\tmp\publicweb\publicwebroot.war
[jar] Building jar: C:\ejbca\tmp\ca\ear\ear\publicwebroot.war
[copy] Copying 10 files to C:\ejbca\tmp\ca\ear\ear
[copy] Copying 7 files to C:\ejbca\tmp\ca\ear\ear\lib
[jar] Building jar: C:\ejbca\dist\ejbca-ca.ear

admin.jar:
[mkdir] Created dir: C:\ejbca\tmp\adminjar
[copy] Copying 2 files to C:\ejbca\tmp\adminjar
[copy] Copying 217 files to C:\ejbca\tmp\adminjar
[jar] Building jar: C:\ejbca\admin.jar

build:

BUILD SUCCESSFUL
Total time: 30 seconds

在这个过�E�中会在EJBCA下面生成tmp �?dist 文�g夹以及一个admin.jar(在install时用得着),据我自己分析,ejbca本��n所有的东西都放在tmp文�g多w��?ejbca\tmp\java\classes下面有所�?class 文�g,dist用来攑֐�个部分打的包.
(有一�Ҏ��不明白的是�ؓ什么要把admin.jar攑֜�下面根目录下�?而不把部�|�文件ejbca-ca.ear攑֜��q�个下面)

�?ant deploy �q�程
C:\ejbca>ant deploy
Buildfile: build.xml

init:

compile:

apply.war:

status.war:

webdist.war:

ca.jar:

ra.jar:

adminweb.war:

log.jar:

hardtoken.jar:

keyrecovery.jar:

authorization.jar:

ca.ear:

admin.jar:

deploy:
[copy] Copying 1 file to C:\jboss-3.2.2RC1_tomcat-4.1.24\server\default\dep
loy
[copy] Copying C:\ejbca\dist\ejbca-ca.ear to C:\jboss-3.2.2RC1_tomcat-4.1.2
4\server\default\deploy\ejbca-ca.ear

BUILD SUCCESSFUL
Total time: 6 seconds

�q�时你在JBOSS_HOME\server\default\deploy下面发现多了个ejbca-ca.ear文�g,ejbca-ca.ear 是上一步的ca.ear:时生成的,�q�个文�g里包含了ant 时打的所有的�?BR>启动JBOSS 你会发现有ejbca-ca.ear部��v成功的信�?在启动JBOSS的过�E�中,JBOSS会对ejbca-ca.ear作一些处�?BR>
�?install �q�程

C:\ejbca>install
Welcome to EJBCA Installation
This script acts as a wizard helping you with the installation of your Certifica
te Authority.

Before the installation will begin make sure of the following preparations have
been done:

1. The EJBCA application is deployed to the application server. ('ant deploy')

2. You run this installation with access to administrative privileges.(你的��d��机器的��n份必��d��有administrator�w�䆾)

Is these requirements meet (Yes/No) :Yes

This installation will create a first administrative CA. This CA will be used to
create the first
superadministrator and for the SSL server certificate of administrative web serv
er.

When the administrative web server have been setup you can create other CA:s and
administrators.

Please enter the short name for the CA.
This is only used for administrative purposes,
avoid spaces or odd characters (Ex 'AdminCA1') :shaoshao(�q�是�l�CA命一个common name , 一个好记的名字,可以自己�?
Enter the Distinguished Name of the CA. This is used in the CA certificate to di
stinguish the CA. (Ex 'CN=AdminCA1,O=PrimeKey Solutions AB,C=SE') :CN=shaoshao,
O=PrimeKey Solutions AB,C=SE(�q�是CA 的DN,我想CN应该与前面一�?)
Enter the keysize in bits of the CA, only digits. (Ex '2048') : 2048
Enter the validity in days for the CA, only digits (Ex '3650') :3650
Enter the policy id of the CA. Policy id determine which PKI policy the CA uses.

Type your policy id or use '2.5.29.32.0' for any policy or 'NO' for no policy at
all.
(Ex '2.5.29.32.0') :202.197.125.190(输入自己机器的IP,也可以��用通用�?.5.29.32.0)
(以上都是有关创徏CA的一些信�?CA会有一个根证书SuperAdmin)

Now for some information required to set up the administration web interface.(为EJBCA �?administr
ative web gui 创徏一�?ssl 服务器端证书 )

Please enter the computer name of CA server. (Ex 'caserver.primekey.se') :hs(输入自己机器的名�?
Enter the Distinguished Name of the SSL server certificate used by the administr
ative web gui
(Ex 'CN=caserver.primekey.se,O=PrimeKey Solutions AB,C=SE') :CN=huangshao,O=PrimeKey Solutions AB,C=SE(ssl服务器端证书的DN,CN应该是可以随便取�?在通过https://:8443/ejbca/adminweb
4. And now your are all set to start using EJBCA.

If you are interested in professional support of EJBCA and PKI related question
s,
please contact PrimeKey Solutions AB, Sweden at ejbca@primekey.se or http://www.primeke/
y.se for more information.

在这个阶�D�会创徏CA 创徏两个证书(在ejbca下面会有p12/superadmin.p12生成) install的具体有那些操作可以打开ejbca\install.cmd看看
(我这里有个问题是: 老是出现keytool错误�Q?java.lang.Exception: 别名不存�?是不是第一�ơ装ejbca都会出现�q�个错误?)

�?讉K��administration page
重新启动JBOSS ,��p12/superadmin.p12导入��览�?然后通过https://localhost:8443/ejbca/adminweb ��可以访问了

我在安装的过�E�中,出现了很多问�?有时候install成功�?但是https://localhost:8443/ejbca/adminweb 讉K��时就是打不开��面,也不知道什么原�?只好把JDK,JBOSS,EJBCA重新安装了很多次,重启了很多次机器之后才成功的.

其中有错误的地方,请大家一定要指出�?

Java与RFID中间�?/a> 2005-10-08 17:05 发表评论

高清久久精品,久久亚洲精品一区,久久久久久九九九九

EJBCA User guide