iPass Help
 
 
 

iPass Certificate Enrollment

To complete installation you will need to obtain a signed certificate from iPass. If this is your first NetServer installation then please contact your Sales Representative for details. If you are already an iPass Customer then please request this service through your usual iPass Support channel.

To add this server to the iPass Network you will also need to supply the following information:

  • Public IP address
  • Operating system name
  • Operating system version
  • Operating system kernel and service pack
  • Firewall products in use
  • Authentication protocol (e.g. RADIUS)
  • System host name

If you want to generate more ns type keystore, you can repeat the above process,or can skip the step.Next step is to import the certificate to keystore(ns1.keystore) as:

  • If SMTP services are available on this server or another computer, you should email the contents of <NS_Home>/certs/mail_cert_req.data as a text file attachment to the network analyst responsible for your deployment or the email alias ops-so@ipass.com.
  • If SMTP services are not available on this server, you can exchange certificates in real time with an iPass technician using FTP. Contact your iPass installation engineer to arrange this exchange.

If you are cutting and pasting the file from an email, be sure to include the header and footer of the certificate string as shown in the example certificate here.

Upon successful completion of the certificate request generation script, iPass will process your request and generate a certificate for your NetServer. The x509 certificate will allow SSL 128-bit encrypted communication between the iPass transaction server and your NetServer.

This process may take up to 48 hours. If you need the certificate immediately, please contact iPass Technical Support.

Once you have the signed certificate, place the same under /usr/ipass/netserver/current_version/certs folder and you have to import the same to the respective keystore to complete the process. Use the ipassconfig.csh to import the same, type the following command to import the signed certificate: 

/usr/ipass/netserver/current_vesrion/bin/ipassconfig.csh -import_cert <KeyStoreProperty> 
"<Signed_Certificate_File_Path>"

For instance, CSR generated for the KeyStore2 and to import the signed certificate mail_cert_req2.crt, do the following: 

./ipassconfig.csh -import_cert KeyStore2 "<NETSERVER_HOME>/certs/ mail_cert_req2.crt"

Importing a Trusted certificate from keystore
 
[/usr/ipass/netserver/current_version/certs/ipassCA.keystore] to keystore [/usr/ipass/netserver/current_version/certs/ns1.keystore]

Importing a signed primary certificate
[/usr/ipass/netserver/current_version/certs/mail_cert_req2.crt] to a Java keystore [/usr/ipass/netserver/current_version/certs/ns1.keystore]

Go to: NetServer Admin Guide > Configuration

 

©2015 iPass Inc. All rights reserved. Terms of Use