Picture Perfect 2.0 Web Browser Version 1.4 Operator`s Guide

Transcription

Picture Perfect 2.0
Web Browser
Version 1.4
Operator’s Guide
GE Interlogix, CASI Division
791 Park of Commerce Boulevard
Suite 100
Boca Raton, Florida 33487
(561) 998-6100
Part Number: 460436004A
January 2003
This publication may contain examples of screens and reports used in
daily operations. Examples include fictitious names of individuals and
companies. Any similarity to names and addresses of actual business
enterprises and persons is entirely coincidental.
Copyright 1999 - 2003 GE Interlogix
All Rights Reserved
Printed in the USA
Access Vision, Picture Perfect, Secure Area Manager, and MicroProx are
trademarks of GE Interlogix.
AIX, AIX Windows, IBM, IBM Multiport Adapter, IBM 7855 Modem
Model 10, Informix, RISC System/6000, and Token-Ring, are registered
trademarks of International Business Machines Corporation.
Internet Explorer, Microsoft, and Windows are registered trademarks of
Microsoft Corporation.
Java is a trademark of Sun Microsystems, Inc. in the United States and
other countries, and is used under license.
Linux is a registered trademark of Linus Torvalds.
Netscape and Netscape Navigator are registered trademarks of Netscape
Communications Corporation in the United States and other countries.
SPARC is a registered trademark of SPARC International, Inc.
The Tarantella logo, and Tarantella are trademarks or registered
trademarks of Tarantella, Inc.
VeriSign is a trademark of VeriSign, Inc. Digital ID and Digital ID Center
are servicemarks of VeriSign, Inc.
Contents
Contents
1. Using This Manual.................. 1.1
Purpose ................................................... 1.1
Who Should Read this Manual ........... 1.1
Related Documentation........................ 1.2
Terminology........................................... 1.3
Click................................................... 1.3
Select.................................................. 1.3
Press .................................................. 1.4
Command......................................... 1.4
Notational and Typographical
Conventions........................................ 1.5
2. System Overview.................... 2.1
Introduction ........................................... 2.1
System Requirements ........................... 2.3
Servers Supported ........................... 2.3
Server Requirements
(Picture Perfect Host)................ 2.3
Client Requirements ....................... 2.6
Network Transport ......................... 2.6
Firewalls and Tarantella Ports....... 2.6
Web Browsers Supported .............. 2.7
Connectivity ........................................... 2.8
Use of Java Archives ..................... 2.11
3. Licensing, Installation, and
Removal.................................. 3.1
Licensing................................................. 3.1
Picture Perfect Terminal License... 3.1
Installation.............................................. 3.2
Picture Perfect Web Browser Interface Operator’s Guide
iii
Contents
Installing on an Enterprise
(Network) Picture Perfect
System .........................................3.3
Installing on a Redundant
Picture Perfect System...............3.4
Installing the Picture Perfect
Web Browser Software..............3.5
Installing the Security Package
(Optional)..................................3.13
Generating a Certificate Signing
Request (CSR)...........................3.14
Setting up the Browser
Workstations.............................3.20
Removal ................................................3.22
Removing the Picture Perfect
Web Browser Software............3.22
4. Getting Started........................ 4.1
Initial Setup.............................................4.1
Logging in and Using the
Picture Perfect Web Browser ............4.5
Follow-Me Printing .............................4.10
Follow-Me Printing Limitations ..4.11
5. System Administration .......... 5.1
Tarantella Log Files ...............................5.1
Starting/Stopping the Tarantella
Server Application .............................5.3
Web Server Documentation .................5.5
Starting/Stopping the Web Server......5.5
Administrative Tools.............................5.9
Data Flow........................................5.11
Firewall Configuration..................5.13
iv
00_coverTOC.fm Page v Monday, January 13, 2003 4:26 PM
Contents
6. Secure Socket Layer .............. 6.1
Security ................................................... 6.1
Configuring the Secure Socket
Layer (SSL) ................................. 6.3
SSL Status indication ...................... 6.9
How to Obtain a Certificate for
your Picture Perfect Web Server ... 6.14
Proof of Organization Name ....... 6.15
Customer Survey
Software Defect Report
v
Contents
vi
Using This Manual
Chapter
1
Purpose
This manual provides instructions for
installation, initial setup, and configuration of
the Picture Perfect Web Browser interface. It
also contains information for operating the
system once it is installed.
Who Should Read this Manual
This manual is intended for system
administrators who are responsible for the
planning and implementation of the system
design, and who perform system configuration
and setup using Picture Perfect forms that are
accessible only to the master-level operator.
Operators using the system should read the
chapters which relate to their duties.
The material in this manual has been prepared
for persons responsible for, and familiar with
the security needs of the customer facility.
1.1
Related Documentation
Related Documentation
For
detailed
information on
Picture Perfect.
Picture Perfect Administration Guide
For
information on
how to use
Picture Perfect.
Picture Perfect Operator’s Guide
!
!
For
detailed
information
about installing
and upgrading
Picture Perfect
on a Risc
System.
!
1.2
This manual provides information for Picture
Perfect operators who do not have the
administrative responsibilities of the system
administrator. It covers aspects of the system
they are likely to encounter during normal
operations.
Picture Perfect AIX Edition Installation Guide
This manual is a step-by-step guide to help the
system administrator connect hardware (HFT
subsystem, serial port adapters, ASCII terminals,
modems, printers, tape drives, X-Terminals,
micros); boot/install AIX; configure AIX for the
network, micro communication lines, printers
and X-Terminals; install Picture Perfect software
and set up X-Terminals.
— OR —
For
detailed
information
about installing
and upgrading
Picture Perfect
on a Linux
System.
!
This manual provides information for the
system administrator to set up, configure, and
manage the Picture Perfect database for the
customer’s facility.
Picture Perfect Linux Edition Installation Guide
This manual is a step-by-step guide to help the
system administrator connect hardware (PCs,
serial port adapters, modems, printers, tape
drives, X-Terminals, micros); boot/install Linux;
Using This Manual
1
configure Linux for the network, micro
communication lines, printers and X-Terminals;
install Picture Perfect software and set up
X-Terminals.
Terminology
Click
To “click” means to press and release a mouse
button while the pointer is on a designated area
of the screen in order to display a window or
select an option. The press-and-release makes a
clicking sound.
The term “double-click” means to press and
release a mouse button twice in rapid
succession. “Left-click” and “right-click” mean
to click the button on the left or right side of the
mouse.
Select
The word “select” indicates that you choose an
item from the current menu, submenu, form, or
picklist displayed on the screen. Use the mouse
or the cursor keys to select the item. For
example: Select Devices, then Terminals.
The statement above tells you to select a certain
submenu (Devices) and then to select a certain
form (Terminals) from that submenu. If you
make the selections with a mouse, you will
point to the Devices icon and click the left
1.3
Terminology
mouse button. When the submenu icons appear,
you will point and click on the Terminals icon
to select this form.
If you make the selections with a keyboard, you
will use the cursor keys instead of a mouse
pointer, and the Enter key instead of the left
mouse button.
Press
The phrase “press the _____ button” means to
use the mouse (or the keyboard) to “press” a
designated button on the screen. To press a
button with the mouse, point then click the left
button. To press a button with the keyboard, use
the Tab key and press Enter or Spacebar .
Command
The word “command” indicates a command
which would be typed as specified.
1.4
Using This Manual
1
Notational and Typographical
Conventions
This manual uses certain notational and
typographical conventions to make it easier for
you to identify important information.
Table 1-1: Notational and Typographical
Conventions
Item
Menu Titles,
Menu Items,
Field Names,
Form Titles,
Buttons
Keys
Text you enter
Example
Administration
Enter
Micro 1
To reduce the confusion between similar
numbers and letters, namely the number 1 and
the lowercase letter l along with the number 0
and the letter O, refer to the following list:
1234567890
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
!
Provides important information in a concise
manner. The graphic is displayed on the left
side of the page followed by the information.
1.5
Notational and Typographical Conventions
Table 1-1: Notational and Typographical
Conventions (Continued)
Item
Example
Notes
Provides additional information. The following
graphic is displayed on the left side of the page:
Caution
Provides information you should know to avoid
potential problems, before continuing. The
following graphic is displayed on the left side of
the page:
Warnings
Provides information you MUST know to avoid
consequences of a disastrous nature, before
continuing. The following graphic is displayed
on the left side of the page:
Operating
System
AIX
Linux
Default Entries
1.6
Information for an AIX®
system follows this symbol.
Information for a Linux™
system follows this symbol.
During the installation of the software, you will
be prompted with questions. Following the
question, a default answer may be shown in
brackets, for example: [y]
To accept the default answer, you may either
press Enter or you may type y and press
Enter . For clarity, in this manual we will instruct
you to type y Enter .
System Overview
Chapter
2
Introduction
The Picture Perfect Web Browser package is a
Web interface to Picture Perfect. When
implemented, a Picture Perfect operator has the
ability to access Picture Perfect using a Web
browser, thereby eliminating the need for
X-emulation software. By installing the Picture
Perfect Web Browser on the Picture Perfect
host, all desktops with a Web browser can be
given access to Picture Perfect by performing
the following steps:
1. Point your browser at the Picture Perfect
host address.
Result: An authentication applet is
automatically downloaded.
2. Enter your login and password.
3. Click Ok.
Result: The Picture Perfect Web Browser is
launched from which you can access Picture
Perfect.
2.1
Introduction
The Picture Perfect Web Browser is made up of
the following components:
❐
Tarantella™ software.
❐
Picture Perfect specific HTML files.
Picture Perfect
Host
Desktop Client
Tarantella
Picture Perfect
Web Server
Web Browser:
Internet Explorer®
Netscape Navigator®
Tarantella is an off-the-shelf product available
for both Linux and IBM AIX. It was designed to
Web-enable UNIX-based applications without
requiring the code to be re-written.
A Web Server and Tarantella are both installed
on the Picture Perfect host. Tarantella opens a
session with Picture Perfect and converts the
X-display, using AIP (Adaptive Internet
Protocol), into a Java™ applet. It then passes the
applet to the Web server application.
The Picture Perfect operator sees the exact same
screens he sees using the traditional
X-emulation solution. The functionality of
Picture Perfect is basically the same as it is with
X-emulation software with the following
exceptions:
2.2
System Overview
2
•
Since the Picture Perfect Web Browser is
designed around the concept of client-less
client server computing, you no longer
define Picture Perfect terminals for specific
client PCs. The number of terminals defined
in Picture Perfect controls the number of
concurrent connections allowed.
•
Picture Perfect 2.0 Web Browser Version 1.4
allows you to control which virtual terminal
is assigned to each operator. Follow the
instructions in the Picture Perfect
Administration Guide, Appendix F, to
configure your virtual terminals for Alarm
Routing, Alarm Bumping, and Swipe and
Show functionality.
System Requirements
Servers Supported
❐
Red Hat Linux 7.3 or later
❐
IBM AIX 5L or later
Server Requirements
(Picture Perfect Host)
❐
120 MB of space in /root
100 MB temporary space in /usr
52 MB in /tmp for installation files.
2.3
System Requirements
NOTE
AIX
An AIX operating system will
automatically resize the root filesystem as
necessary.
Linux
If a Linux system does not have the
required disk space in the root file system, you
have the option of installing in the Photo
partition.
❐
At least 128MB RAM (256MB
recommended)
❐
450 MHz minimum processing power
❐
Additional requirements per user:
Additional disk space, memory, and
processor speed are required for each
Tarantella user on the host.
❐
2.4
#
2.5 MB for each user
#
5 MHz for each user
#
For multiprocessor systems, one
processor for every 20 users, assuming
100 MHz processors. Processing Power:
100MHz minimum - Requires 5MHz per
concurrent user.
Additional requirements per application:
Additional memory is required on the host,
depending on the number and type of
applications you plan to use.
System Overview
2
#
For each X application, 1.5 MB for each
user
#
For each X application displayed using
Client Window Management, 2.5 MB for
each user
#
For a full Windows session, 1.7 MB for
each user
#
For character applications, 0.9 MB for
each user
#
For each 3270 or 5250 application, 1.5 MB
for each user.
2.5
System Requirements
Client Requirements
❐
PC clients: 166 MHz processor or greater
❐
64MB RAM minimum, 128MB
recommended
❐
Client devices must support TCP/IP
Network Transport
❐
Must support TCP/IP
Firewalls and Tarantella Ports
In addition to the standard ports necessary to
run HTTP traffic, there is another port required
for the client to communicate with the server.
This port number depends on whether you are
using SSL or standard connections.
2.6
•
For a standard connection, use port 3144.
•
For an SSL connection, when the Tarantella
Security Pack is installed, use the secure port
5307. It is recommended that the Tarantella
Security Pack be used when firewall
traversal is required. In this case only, port
5307 should be opened, as well as the ports
necessary for HTTP traffic, typically port 80.
System Overview
2
Web Browsers Supported
❐
NOTE
Must support Java, HTML 3.2 and Frames.
In general, use the latest released version of JVM (Java
Virtual Machine) build and Web browser with
configurable JIT (Just in Time) compiler enabled. Do not
use beta or preview versions of Web browsers.
Table 2-1: Web Browsers
Client Operating
System
Supported Web browsers
Windows 98, and
Windows NT 4
Netscape Navigator®4.7x, 6.x
Microsoft Internet Explorer 4.01, 5.0,
5.01, 5.5, 6.0.
Windows ME
Netscape Navigator 4.7x, 6.x
Microsoft Internet Explorer 5.5, 6.0.
Windows 2000 Professional
Microsoft Internet Explorer 5.0, 5.01, 5.5,
6.0.
Windows XP Professional
Microsoft Internet Explorer 6.0.
Other Client Types
that may be on your
Company Network
Linux® 2.2+
Netscape Navigator 4.7x
HP-UX 11.00+
2.7
Connectivity
Table 2-1: Web Browsers (Continued)
Client Operating
System
IBM AIX 5L+
SPARC® Solaris 2.6+
OS/2 Warp 4.51
Netscape Navigator 4.61
Connectivity
The Picture Perfect Web Browser can be used in
several different environments:
❐
Intranet
An intranet is a company wide LAN (Local Area
Network).
To implement the Picture Perfect Web Browser
for use on an intranet, load the Picture Perfect
Web Browser software onto an existing Picture
Perfect host. See “Installation” on page 3.2. Once
the software is installed, Picture Perfect can be
accessed using a Web browser from any client on
the intranet. Performance is considerably better
than with X-emulation software. The reasons for
this are:
1. There is no longer any X-traffic being
sent over the network.
2. Screen images are now cached in your
local browser.
❐
Extranet
An extranet is any extension of the company
2.8
System Overview
2
network, that is WAN (Wide Area Network) or
remote dial-up access using a modem. If the
company has a remote-access server that you can
dial into and access the Picture Perfect host, you
can launch your browser and connect to Picture
Perfect. The requirement for this connection is
that it be a PPP (Point-to-Point Protocol)
connection with TCP/IP.
CAUTION
Depending on your network environment, the
necessary steps to implement a dialup connection
may vary. Your company Information Systems (IS)
department must be consulted for setup and
configuration.
❐
Internet
To connect using the Internet, a Picture Perfect
operator needs to connect to their local ISP
(Internet Service Provider), and point their
browser to the Picture Perfect host.
WARNING Configuring a Picture Perfect host to be accessible from
the Internet requires the implementation of a properly
configured firewall and router. Although the Picture
Perfect server is password protected and the
communications between it and a browser are SSL
encrypted, an improperly configured network and/or
firewall can result in a compromise to your system
security. Proper setup and configuration requires expert
knowledge of the Internet and information such as your
company network environment and firewall
configuration. Consult your IS department prior to
attempting to configure Picture Perfect for use over the
Internet.
2.9
Connectivity
Tarantella makes optimal use of a network to
ensure the best performance for a given network
load and client type. In a network with low load,
Tarantella uses the network bandwidth to
service clients ensuring each client has optimal
performance. When the network load is high or
close to capacity, Tarantella adapts to perform
more processing on the server and reduce the
amount of information sent to the client. When a
client is connected over a slower link such as a
WAN, Tarantella can give improved
performance over alternative solutions. The
Adaptive Internet Protocol (AIP) constantly
monitors the network load and client and
'self-tunes' automatically; no intervention is
required by the user or the administrator.
If the modem connection drops during the
course of operation, the unique Tarantella
Session Resume Facility will return the user to
the exact point at which they were cut off, down
to the very last keystroke. This unique capability
can even be used to eliminate time wasted by
restarting applications when waiting for an
application to execute. The Tarantella system
administrator can arrange for the application to
continue running, no matter how the user
accesses the network.
For dial-up connection using a modem, the
minimum speed required is 28.8k bps; however,
a 56k connection is recommended.
2.10
System Overview
2
Use of Java Archives
Tarantella uses Java applets for a variety of
purposes. These Java archives are downloaded
from the Tarantella server and either installed or
cached locally to the client device's Web
browser. Java archives are useful for the
following reasons:
❐
They may be compressed, which makes
them faster to download.
❐
They may include more than one applet.
❐
Web browsers can keep local copies of Java
archives by locally caching or installing
them, thus avoiding the need to download
them again during future Picture Perfect
Web Browser sessions.
Installing Versus Caching Java Archives
Caching a Java archive means the browser
stores the archive in its cache. However, when
the cache is full, or if an applet isn't used for a
while, the browser may delete the archive.
Similarly, if a user manually clears their
browser's cache, the archive is deleted.
Installing a Java archive is more permanent.
Once installed, the archive can only be removed
by the user.
When a Web browser caches a Java archive, it
usually does so without prompting the user.
The user may never be aware that the browser
has cached the archive. However, when an
2.11
Connectivity
archive is installed locally, the user will usually
be prompted before installation takes place. In
most cases, users will have to acknowledge that
they want to install the archive locally.
Tarantella installs the core Java applets the first
time a user connects to the server, and uses
caching to provide users with recently accessed
information avoiding the need to burden the
application server with the same request.
Therefore, this can actually reduce the network
traffic and amount of processing required on an
application server.
The Java archives will work correctly with all
supported browsers. However, some browsers
have settings that can disable support for Java
archives. If you have changed a particular
browser's configuration, the browser may be
unable to install Java archives. You can always
re-enable Java archive support by returning the
browser to its default configuration.
NOTE
2.12
Netscape Navigator 4 users will see a dialog box
when they log into the Picture Perfect Web Browser.
This dialog box asks users to grant additional
privileges to the Java archive, so that a connection
can be opened to the server. Users must grant
permission for this, otherwise the Picture Perfect
Web Browser will be unable to continue.
Licensing,
Installation, and
Removal
Chapter
3
Licensing
To license your Picture Perfect Web Browser,
you must add the appropriate Picture Perfect
terminal license obtained from GE Interlogix.
The Picture Perfect terminal license controls
how many Picture Perfect web browser
terminals you can define. For more information
on setting up the web browser terminals, refer
to “Setting up the Browser Workstations” on
page 3.20.
Picture Perfect Terminal License
➤ To add or change the Picture Perfect terminal
license, execute the following commands:
1. Log in as root.
Result: A # prompt will display.
2. Type: cd /cas/bin
3. Type: ./pplicense
Enter
Enter
4. When prompted, enter the Picture Perfect
license obtained from GE Interlogix, CASI.
3.1
Installation
Installation
The Picture Perfect Web Browser interface can
be installed at the same time the Picture Perfect
system is installed or any time thereafter. If
installing the Picture Perfect Web Browser at the
same time that the BASE Picture Perfect system
is being installed, follow the BASE installation
instructions in the Picture Perfect Installation
Guide to install the BASE package and then
refer to this document for the Picture Perfect
Web Browser installation. In either case, the
Picture Perfect Web Browser will be included on
the Picture Perfect installation CD.
NOTE
Enterprise or Redundant Picture Perfect systems
must be completely configured prior to installing
the Picture Perfect Web Browser.
Installation of the Picture Perfect Web Browser
interface on the RS/6000 or Linux server for
Picture Perfect involves the following steps:
❐
Installing the Picture Perfect Web Browser
software.
❐
Installing the Security Package.
❐
Generating a Certificate Signing Request.
These steps are detailed in the following
sections.
3.2
Licensing, Installation, and Removal
3
Installing on an Enterprise
(Network) Picture Perfect System
Read this
section before
installing on a
Picture Perfect
enterprise
(network) host.
!
When the Web Browser package is installed on a
Picture Perfect enterprise (network) host, follow
this sequence:
1. Stop Picture Perfect on the enterprise
(network) host.
2. Verify that Picture Perfect is up and running
on all sub-hosts.
3. Continue the installation of the Web
Browser package on the enterprise
(network) host.
4. Install the Web Browser package on the
sub-hosts.
NOTE
If a subhost is added after Picture Perfect Web
Browser is installed on the network host, the following
script will need to be run on the network host:
/cas/bin/hostterm_cfg.sh
This allows the Picture Perfect Network form to
recognize the newly added subhost for Picture Perfect
Web Browser.
3.3
Installation
Installing on a Redundant Picture
Perfect System
Read this
section before
installing on a
Picture Perfect
redundant
system.
!
When the Web Browser package is installed on a
Picture Perfect redundant system, follow this
sequence:
1. Complete the installation on the primary
system first, before performing the
installation on the backup system.
2. On the primary system, stop PPRS.
Result: A failover to the backup system will
occur.
primary system.
4. Bring up the primary system as backup.
5. Stop PPRS on the original backup system.
Result: A failover to the original primary
system will occur.
original backup system.
3.4
3
Installing the Picture Perfect
Web Browser Software
1. Log in to the host as the root user.
2. Type the following to shut down Picture
Perfect:
. /cas/bin/profile
rc.pperf -k
Enter
Enter
Insert the CD-ROM into the drive and
mount it with the command appropriate for
your host operating system:
AIX
mntCD
Enter
If this command is not found, type:
mount -v cdrfs -o ro /dev/cd0 /mnt
Linux
mount /mnt/cdrom
Enter
Enter
3. Change to the root directory and display a
list of installation options by typing:
cd /
AIX
Linux
Enter
/mnt/INSTALL -o
Enter
/mnt/cdrom/INSTALL -o
Enter
3.5
Installation
Result: A screen similar to the following will
display:
Figure 3-1. Installation Options
4. Type 8 to install the Picture Perfect Web
Browser package and press Enter .
Result: You will be asked to confirm your
choice.
You have selected the following
product(s):
8 ppwb
Picture Perfect Web Browser
package
Is this correct (y/n)? [y]
5. Enter y to confirm the package selection.
Result: You will be asked to confirm the
installation.
3.6
3
Installing ppwb
Picture Perfect Multi-package
Installation - 1.10 7/9/01
Copyright (C) 1991 thru 2001
GE Interlogix
Installing from image in /mnt/cdrom/pp
...
661 blocks
Do you want to install the Picture
Perfect Web Browser
package (y/n)? [y]
6. Type y and press Enter to confirm that you
want to install the Picture Perfect Web
Browser package.
Result: Messages similar to the following
will appear on the screen.
Figure 3-2. Installation Procedures
3.7
Installation
7. Enter y to continue the installation, or n
to cancel installation.
Figure 3-3. Sample Installation
If the Web Browser package is installed on a Picture
Perfect enterprise (network) host, then you will also
see messages similar to the following:
Preparing to install PPWB package on
network host mercury.
The network host installation requires
that database connectivity is up and
running on both the network host and
subhosts, and that the '/.rhosti' and
'/etc/hosti.equiv' files on the subhosts
contains the following entries
respectively:
/.rhosti file contains the entry
'mercury'
/etc/hosti.equiv file contains the entry
'mercury'
3.8
3
Checking for database connectivity
between mercury and venus... OK.
Checking for database connectivity
between mercury and mars... OK.
If you are installing on a Linux operating
system, messages similar to the following will
display.
Figure 3-4. Tarantella for Linux Setup
The installation will now display the Tarantella
Software License Agreement.
Figure 3-5. Tarantella Software License Agreement
3.9
Installation
8. To proceed, enter y.
will appear on the screen:
The 30-day evaluation license will be
overwritten with the appropriate
licensing information.
Figure 3-6. Setting up Tarantella Enterprise 3
9. You must enter y at this prompt. If you
change these settings, the Picture Perfect
Web Browser will not function properly.
will appear on the screen as the system
configures your installation.
3.10
3
Figure 3-7. Tarantella Installation Configuration
3.11
Installation
Figure 3-8. Tarantella Server Installation Complete
Additionally, on an enterprise (network)
host, messages similar to the following
will display:
Creating Web Browser terminals to
support Networking...
3.12
3
Installing the Security Package
(Optional)
NOTE
For more information on the Security Package,
refer to Chapter 6 - Secure Socket Layer.
After the successful installation of the Tarantella
server, type y to install the Tarantella Security
Package, if you plan on using this feature.
Figure 3-9. Installing the Tarantella Security Package
3.13
Installation
Generating a Certificate Signing
Request (CSR)
A certificate is an electronic form of ID used to
identify the holder. Certificates are issued by
CAs, whose function is to issue and manage
certificates and vouch for the certificate holder.
NOTE
Before proceeding, please review Chapter 6 Secure Socket Layer for more information
regarding CSRs and how they work.
In order to use the SSL feature of Picture Perfect
Web Browser, you will need to generate a CSR
which contains unique information specific to
your Picture Perfect host. You will need to copy
the CSR that will be generated and present it to a
Certificate Authority (CA). When the CA
returns the certificate to you, you will need to
install it.
This section will guide you through the steps to
generate the CSR. To copy and install it, please
refer to “How to Obtain a Certificate for your
Picture Perfect Web Server” on page 6.14
3.14
3
➤ To generate the CSR:
After the installation of the Security Package
license key, you will be prompted to generate
the certificate request key, or CSR.
Figure 3-10. Generating the Certificate Request Key (CSR)
1. Enter y, to generate the CSR now or enter
n to generate it later.
Result: If you answer n you can generate
the CSR later by typing the following:
cd
/opt/tarantella/bin
./ppwbcert.sh
Enter
Enter
If you answer y, messages similar to the
following will display:
3.15
Installation
Figure 3-11. CSR Settings
2. Answer the questions with the appropriate
information for your system, and confirm
that each entry is correct. Enter y, to
continue.
Result: The system will assign a hostname
for the certificate, similar to the following
example.
3.16
3
Figure 3-12. CSR Hostname
3. Verify that the complete host name,
including domain, are exactly the way you
will be accessing this server. Once you
obtain the Server Certificate, it cannot be
changed.
4. Press
Enter
to continue.
will display:
3.17
Installation
Figure 3-13. CSR Summary
5. Press
Enter
to continue.
will display:
Figure 3-14. Completed CSR
3.18
3
This information is copied to a log file:
/opt/tarantella/bin/ppwbcert.txt
You will need to print this file and send to the CA to
obtain your certificate. When you are ready to do
this, refer to “How to Obtain a Certificate for your
Picture Perfect Web Server” on page 6.14.
The following screens will display, as the
installation continues.
Figure 3-15. Web Browser Installation Complete
3.19
Installation
6. The Web Browser installation is now
complete and you will be asked to reboot the
system.
7. Type y
Enter
to reboot the system.
Setting up the Browser
Workstations
Traditional X-emulation workstations required
that you define a Picture Perfect terminal to
correspond with the host name of the terminal.
Similarly, with the Picture Perfect Web Browser,
you need to define a Picture Perfect terminal for
each concurrent browser workstation.
However, on a stand-alone system or on a
sub-host of an enterprise (network) system,
since the browser workstation is not a fixed host
name, you do not define the terminal to
correspond with a host name of the terminal.
Instead, the Picture Perfect terminal names are
defined as unix.
In these instances, use the following naming
convention:
•
First browser workstation
•
Second browser workstation unix:11
•
Third browser workstation
unix:10
unix:12
When installing the Web Browser on a Picture
Perfect enterprise (network) host or on a
primary or backup redundant host, you will
define the terminal to use the host name of the
3.20
3
server to which you are connected. For example,
for a server named mercury, the Web Browser
workstations would be named mercury:10,
mercury:11, and so on.
In these instances, use the following naming
convention:
•
First browser workstation
hostname:10
•
Second browser workstation
hostname:11
•
Third browser workstation
hostname:12
You can create as many terminals for which the
system is licensed by incrementing the port
number. These terminals do not correspond to
specific browser workstations; instead, they
work on a first-come first-serve basis. For
instance, the first browser that connects uses
:10, the second :11.
➤ To define the terminals for the browser
workstations:
1. Log in to the host Picture Perfect system as
the System Administrator.
2. From the main menu, select Devices, then
Terminals.
3. For the Description, type, for example:
ppwb1
4. In the Server field, type:
3.21
Removal
#
Standalone system, for example:
unix:10
#
Network or redundant system, for
example: <hostname>:10
5. Press Save.
6. Repeat for each additional web browser
workstation.
Removal
Removing the Picture Perfect
Web Browser Software
➤ Follow these steps to remove the Picture
Perfect Web Browser interface:
1. Log in as root.
Result: You should see a # prompt.
2. Type the following to shut down Picture
Perfect:
. /cas/bin/profile
rc.pperf -k
3. Type: cd /
3.22
Enter
Enter
Enter
3
4. Start the removal program by typing:
ppr
Enter
Figure 3-16. Removal Warning
5. To continue, type: yes
Enter
Result: If you entered yes, a list of the
Picture Perfect packages currently installed
will be displayed.
You will then be asked which package you would
like to delete. For example:
base
graph
image
impexp
ppwb
3.23
Removal
tours
visitor
Enter the name of the package to delete:
6. Type: ppwb
Enter
will be displayed.
Figure 3-17. Picture Perfect Web Browser Removal
7. Press y
Enter
to confirm.
Result: The removal process will continue,
and messages similar to the following will
display.
3.24
3
Figure 3-18. Removal Process Complete
8. Press y
Enter
.
Result: The system will restart.
3.25
Removal
NOTES
3.26
Getting Started
Chapter
4
Initial Setup
Before logging in for the first time, please verify
that the following items have been set up:
❐
AIX
The Web server must be up and running.
On an AIX system, type:
/usr/HTTPServer/bin/apachectl start
Linux
On a Linux system, type:
/etc/init.d/httpd start
❐
Enter
The Tarantella server must be up and
running. Type:
/opt/tarantella/bin/tarantella status
Enter
For more information, refer to “Starting/Stopping
the Tarantella Server Application” on page 5.3
❐
In order to log into Picture Perfect from the
Web Browser, operators must have Enable
Remote Login permission set under
Control/Permission in Picture Perfect.
4.1
Initial Setup
❐
Specific fonts are required for the Common
Desktop Environment (CDE) and by Picture
Perfect. These fonts are available from the
Font Server running on the host and will be
set up during the installation process. If,
however, you need to manually set up the
Font Server, follow the instructions below:
➤ To set up Picture Perfect Web Browser to use
the Font Server:
1. Log in as root to the Picture Perfect host
using your Web Browser.
Click Array Manager.
Click the server
directory folder.
Click X-Protocol
Engine.
Figure 4-1. Font Server Setup
2. From the menu on the left, click the Array
Manager.
3. With your mouse, click on the server name
to expand the directory.
4.2
Getting Started
4
Click X Protocol
Engine.
Click Properties.
Figure 4-2. X-Protocol Engine Properties
4. Next, click X Protocol Engine and then
Properties.
display.
4.3
Initial Setup
Figure 4-3. Font Path
5. In Font Path, on the right, enter a new line,
as in the following example:
tcp/<hostname>:7100
where <hostname> is the name of your host.
6. Click Apply to save your changes.
4.4
Getting Started
4
Logging in and Using the
Picture Perfect Web Browser
1. Point your browser to the Picture Perfect
host (this document will assume your
hostname is pphost) by typing into your
browser's location/address box:
http://pphost/ppwb/
Result: You will be presented with the login
screen.
NOTE
If http://pphost/ppwb does not give the
expected results, try typing the full path:
http://pphost/ppwb/index.html
NOTE
If you are not using a Domain Name Server (DNS)
to acquire and resolve the host names of hosts
and clients, then you must include the server’s
hostname in the clients’s local hosts file. If not,
you will not get the Log in screen.
4.5
Logging in and Using the Picture Perfect Web Browser
Figure 4-4. Picture Perfect Web Browser Login Screen
2. Enter a valid Picture Perfect operator login
and password and click Login.
Result: The login and password provided is
authenticated, access is granted, and you are
presented with the Picture Perfect Web
Browser welcome screen. (See Figure 4-5.)
NOTE
4.6
In order to log into Picture Perfect from the Web
Browser, operators must have Enable Remote
Login permission set under
Control/Permission in Picture Perfect.
Getting Started
4
For
information on
how to use Picture
Perfect, refer to
the Picture
Perfect
Administration
Guide.
!
Figure 4-5. Welcome Screen
3. From the Welcome screen, you can access
electronic versions of the Picture Perfect
Web Browser documentation:
•
PPWB Release Notes
•
PPWB Operator’s Guide (this book)
4.7
Logging in and Using the Picture Perfect Web Browser
Figure 4-6. Release Notes
4. From the Menu frame on the left, you may
choose from the following:
Click to launch Picture Perfect in a
Common Desktop Environment (CDE)
window. See Figure 4-9.
Click to launch the online help for
Tarantella. See Figure 4-10.
Figure 4-7. Menu Frame
4.8
Getting Started
4
Once a selection has been made, and the
application has launched, a green object will
appear in the lower left corner of the icon in the
Menu frame, indicating that this session is
running.
Figure 4-8. Picture Perfect Running
Figure 4-9. Picture Perfect in a CDE Window
4.9
Follow-Me Printing
Figure 4-10. Tarantella Help Screen
Follow-Me Printing
The most common printing requirement is for
print jobs to be directed to a local printer, but for
mobile workers, 'local' changes from day to day.
To address this problem, Tarantella uses a
unique print subsystem called Follow-Me
Printing. With Follow-Me Printing, upon
installation, the Picture Perfect Web Browser
creates a Picture Perfect printer that, when print
jobs are directed to it, Tarantella re-routes the
print job to the local Print Manager on the user’s
PC. This means that if a user has a PC running
Windows 98, Windows 2000, or Windows NT
4.0, and has a printer defined on that PC, the
Picture Perfect Web Browser could be used to
4.10
Getting Started
4
connect to Picture Perfect, and reports could be
printed from the local PC.
.
Pause printing
Cancel print job
Local printer status
Figure 4-11. Follow Me Printing
Follow-Me Printing Limitations
❐
NOTE
In an enterprise (network) or redundant
environment, Follow-Me printing is limited
to the session of the host to which you are
logged in. For example, in Picture Perfect,
when logged into an enterprise (network)
host, you can access a menu from a subhost.
However, if you attempt to use Follow-Me
printing from the subhost menu, no report
will be printed.
Although the Picture Perfect Browser Printer will
display on the list of available printers on the
Picture Perfect host, it will only be functional for
users logged on through the Picture Perfect Web
Browser client, not for users logged on through
any other terminal.
4.11
Follow-Me Printing
NOTES
4.12
System
Administration
Chapter
5
Tarantella Log Files
➤ To check the log files of the Tarantella Server,
type the following:
cd
/opt/tarantella/bin
Enter
./tarantella query errlog
Enter
Messages similar to the following will display:
Figure 5-1. Error Log File
5.1
Tarantella Log Files
➤ To check the uptime of the Tarantella Server,
type the following:
cd
/opt/tarantella/bin
Enter
./tarantella query uptime
Enter
Figure 5-2. Uptime File
➤ To check the status of the Tarantella Server,
type the following:
cd
/opt/tarantella/bin
./tarantella status
Enter
Enter
Figure 5-3. Status File
5.2
System Administration
5
Starting/Stopping the Tarantella
Server Application
➤ To start the Tarantella server, execute the
following commands:
1. Log in as root.
2. Type the following commands:
cd /opt/tarantella/bin/
./tarantella start
Enter
Enter
will display:
Starting Tarantella server (version
3.20.907). Please wait...
Tarantella services are now available on
this host.
➤ To stop the Tarantella server, execute the
following commands:
1. Log in as root.
5.3
Starting/Stopping the Tarantella Server Application
./tarantella stop
Enter
Enter
will display:
Tarantella services have been stopped.
➤ To restart the Tarantella server, execute the
following commands:
1. Log in as root.
./tarantella restart
Enter
Enter
will display:
Tarantella services are not currently
running.
Starting Tarantella server (version
3.20.907). Please wait...
Tarantella services are now available on
this host.
5.4
5
Web Server Documentation
The Web server online documentation can be
accessed by pointing your Web browser to:
http://<hostname>/manual/mod/
where <hostname> is the name of the Picture
Perfect server where the Web server is installed.
For more information, go to: www.apache.org
Starting/Stopping the Web Server
➤ To start the Web server, execute the following
commands:
1. Log in as root.
AIX
/usr/HTTPServer/bin/apachectl start
Linux
Enter
/etc/init.d/httpd start
Enter
5.5
will display:
apachectl start: httpd started
➤ To stop the Web server, execute the following
commands:
1. Log in as root.
AIX
/usr/HTTPServer/bin/apachectl stop
Linux
Enter
/etc/init.d/httpd stop
Enter
will display:
apachectl stop: httpd stopped
5.6
5
➤ To restart the Web server, execute the
following commands:
1. Log in as root.
AIX
/usr/HTTPServer/bin/apachectl restart
Linux
Enter
/etc/init.d/httpd restart
Enter
will display:
apachectl restart: httpd restarted
5.7
➤ To check the status of the Web server, execute
the following commands:
1. Log in as root.
AIX
/usr/HTTPServer/bin/apachectl status
Linux
Enter
/etc/init.d/httpd status
Enter
will display:
httpd (pid 9395 9394 9393 9392 9391 9390
9389 9388 945) is running...
5.8
5
Administrative Tools
Tarantella provides the following
comprehensive graphical management tools,
implemented in Java technology, for the
administrators of the Tarantella server:
❐
Array Manager
❐
Object Manager
Only the designated administrative users can
run these tools.
Use Array Manager to perform these tasks:
•
Set up and manage an array of Tarantella
servers, for emulator session load balancing.
•
Configure array-wide settings, and settings
for each array member.
Use Object Manager to perform these tasks:
•
Create and configure objects representing
the people, hosts, applications and
documents within your organization.
•
Define Webtops for all users of Tarantella,
and see whose Webtop any object is on.
•
Monitor who's running which applications
on which application servers, and shadow
or end those application sessions.
•
Find out who's cached passwords for which
application servers, and delete password
cache entries.
5.9
For complete, detailed, instructions on using
these tools, refer to the Tarantella
Administration Guide.
➤ To access these tools:
1. Log in to your Picture Perfect Web browser
as root.
Result: A screen, similar to the following
displays.
Click here to access the Tarantella Administration Guide
Click here to access the Array Manager.
Click here to access the Object Manager.
Figure 5-4. Tarantella Webtop
2. Click on the icon for the tool you wish to
access.
5.10
5
Data Flow
Figure 5-5 outlines the mechanism used by
Tarantella to allow clients to connect, deliver
their webtop, and run Picture Perfect. The
easiest way to explain this route is to go through
the steps the client and server take and map
these steps according to the figure.
Figure 5-5. Data Flow Diagram
The user connects using a Web browser to a
Picture Perfect host on which the Picture Perfect
Web Browser is running. The Web server
returns a page containing the Tarantella
5.11
boot-strap applet. This applet connects with the
datastore engine on port 3144, which then
provides the login applet. The user is
authenticated using this applet. If the correct
login and password are supplied, a request is
issued to the datastore engine to search and find
the webtop for that user. A Web page is
dynamically created using the objects associated
with the user stored in the datastore and then
loaded into the browser. This is the webtop.
When the user clicks on Picture Perfect, the Web
page associated with that object is downloaded,
and the correct display engine is downloaded.
The display engine issues a request to the
datastore engine to find the application. This
request is passed onto the Session Manager
which checks to see if Picture Perfect is running
and needs to be resumed to the user. If Picture
Perfect is running, then that session is resumed
to the user.
If Picture Perfect is not running, the display
engine issues another request to the datastore
engine to create that application object. This
request is forwarded to the Session Manager
which invokes the application on the network
using a password stored in an encrypted cache if
the password has already been supplied. If the
password has not been supplied, the user is
prompted for a password which is then stored
in the encrypted cache. The Session Manager
then invokes the correct protocol engine which
in turn invokes the application. The Session
Manager stores the information about the
5.12
5
protocol engine used with the application object
inside the datastore.
The display engine connects to port number
3144, and authenticates itself. The Status
Manager receives notice of authentication and
passes it onto the Session Manager which then
connects the display engine to the right protocol
engine. This is the Adaptive Internet Protocol
link. The first phase in this link is to pass
parameters identifying the characteristics of the
client device and network connection. The AIP
then tunes itself for optimal performance.
Finally, Picture Perfect is displayed on the
client, and the AIP monitors any changes in the
network characteristics.
Firewall Configuration
In order to establish communications through a
firewall, it is necessary to assign a port to allow
the appropriate protocols to pass through the
firewall. To ensure that the security of your
firewall is not compromised, open only those
ports needed for your specific system
configuration.
Port Number Assignment
It is recommended that SSL be used when
firewall traversal is required (For more
information on SSL, refer to Chapter 6 - Secure
Socket Layer). The SSL Picture Perfect Web
Browser port number assignment is usually
5307, and this port should be opened.
5.13
The standard (non SSL) Picture Perfect Web
Browser port number assignment is usually
3144.
➤ To change the port assignment:
1. Log into the Picture Perfect Web browser as
the root user.
Manager icon.
Click here to display the
Array Manager.
Figure 5-6. Array Manager Icon
3. In Array Manager, click Array, then
Properties.
display.
5.14
5
Click Array
Click Properties
Figure 5-7. General Array Properties
4. In the connections box of the port you wish
to change, type the new value, and click
Apply.
5. Click Exit to close the Array Manager.
Result: A confirmation dialog will display.
6. Click Yes.
5.15
NOTES
5.16
Secure Socket
Layer
Chapter
6
Security
In the real world, we are often asked to prove
who we are by using a trusted certificate such
as a passport, ID card, or driver's license. We
may be called upon to prove we are who we say
we are. The same is true in the world of data
communications.
The emergence of Certificate technologies and
Certificate Authorities (CAs) addresses these
concerns. A certificate is an electronic form of
ID used to identify the holder. Certificates are
issued by CAs, whose function is to issue and
manage certificates and vouch for the certificate
holder. The type of certificate used in the
Picture Perfect Web Browser is an X.509 Server
Certificate. A Server Certificate is issued by a
CA for a particular server (Distinguished
Name) and contains the server's Public Key, the
owner's organization name, expiry information,
and the signature of the issuing body (the CA).
When presented to an application, the digital
signature is verified by examining the CA
signature using the Public Key of the CA,
which is built into the requesting client
application. The client can then check that it is
connecting to the expected server, and not to an
6.1
Security
impostor inserting itself into the communication
stream.
The Secure Sockets Layer (SSL) is a protocol,
developed by Netscape Communications
Corporation, which establishes a secure
connection between a client and server using the
technologies previously described. The actual
encryption algorithm used is developed and
licensed by RSA (named after its inventors, Ron
Rivest, Adi Shamir and Leonard Adleman). RSA
is the only universally accepted Cryptosystem.
After completing the steps outlined in
“Configuring the Secure Socket Layer (SSL)” on
page 6.3, SSL will be enabled for all
communication between the Picture Perfect host
and the browser client. Although we do not
recommend it, the security feature can be turned
off completely. However, you can specify when
the SSL should and should not be used through
settings available to the Picture Perfect
Administrator in the Control Center. For
example, if you only wanted to use SSL when
connecting remotely through a dial-up or
internet connection, but did not want to use SSL
when connecting through your LAN, you
would specify the LAN network segment to be
excluded from SSL. This way, when connecting
through the LAN, you would not get an SSL
connection, but when connecting through any
other means, you would.
6.2
Secure Socket Layer
6
Configuring the Secure Socket
Layer (SSL)
1. Log into the Picture Perfect Web browser as
the root user.
Manager icon.
Array Manager.
Figure 6-1. Array Manager Icon
3. In Array Manager, click Security, then
Properties.
display.
6.3
Security
Click Security
Click Properties
Figure 6-2. Array Manager - Security Properties
4. For Connection Types, make sure that
Apply when users log in is checked.
5. Click Apply, then Exit to exit the Array
Manager window.
6. Click Yes to confirm that you want to close
the Array Manager.
7. From the menu on the left, click the Object
Manager icon.
6.4
Secure Socket Layer
6
Object Manager.
Figure 6-3. Object Manager Icon
8. From the Object Manager window, click the
Browse tab.
display.
6.5
Security
Click Tarantella
System Objects
Click Properties
Figure 6-4. Object Manager - Properties
9. Click Tarantella System Objects, then
Properties.
10. On the Attributes tab, click on the button
labeled General and from the list displayed,
select Connections.
display.
6.6
Secure Socket Layer
6
Figure 6-5. Object Manager - Connections
11. Click New and fill in the details for the
connection.
For example, to assign a standard
connection to all client devices logging into
the domain ge.com, fill in the following:
•
Client Device: ............. *.ge.com
•
Tarantella Server: ...... *
•
Connection: ................ Standard
To assign a secure connection to all client
devices logging in over the internet, fill in
the following:
•
Client Device: ............. *
6.7
Security
•
Tarantella Server: ......*
•
Connection: ................Secure
12. Click Apply, then Exit to exit the Object
Manager window.
13. Click Yes to confirm that you want to close
the Object Manager.
For more complete, detailed information on
customizing your SSL settings, refer to the
Tarantella Administration Guide, which can be
accessed from the root login menu.
6.8
Secure Socket Layer
6
SSL Status indication
The first indication that you have installed and
properly configured SSL will be on the login
screen. Directly beneath the
Username/Password entry fields, you should
see the words SSL connections available. If you
do not see this indication, the Security Package
is not installed, not configured properly, or not
turned on. See Figure 6-6. Login - SSL Installed.
Indicates
SSL is
installed
Figure 6-6. Login - SSL Installed
NOTE
Regardless of whether or not a particular client
gets an SSL, the Username and password will
always be SSL encrypted as long as you have the
Security Package installed and properly
configured.
6.9
Security
However, this does mean that SSL is available.
Depending on your preferences defined earlier
in Object Manager, you may or may not be
given an SSL connection depending on the IP
Address of the machine you are connecting
from. There are two ways of determining your
connection type once you are logged in.
1. Move your mouse over an object in the left
menu bar and then into the narrow yellow
area to the left of the object, as indicated in
Figure 6-7.
Result: The status bar on the bottom of your
browser will tell you what type of
connection that object will use. See Figure
6-7. Welcome Screen - SSL Installed.
Figure 6-7. Welcome Screen - SSL Installed
6.10
Secure Socket Layer
6
2. Click the ? icon in the lower left hand
corner of your screen and then select
Detailed information helpful to diagnose
problems. See Figure 6-8. Diagnostics.
Click to access the
diagnostic screen.
Figure 6-8. Diagnostics
Result: A screen displaying diagnostic
information, similar to the following, will
display.
6.11
Security
Figure 6-9. Diagnostic Information
6.12
6
Secure Socket Layer
Although GE Interlogix does not recommend
you do so, you can disable the SSL feature of the
Picture Perfect Web Browser.
➤ To disable SSL:
1. Log in to the Picture Perfect host as root.
2. Open a new window.
cd /opt/tarantella/bin
Enter
./tarantella security stop
Enter
➤ To re-enable the SSL:
1. Type the following command:
Enter
./tarantella security start
Enter
6.13
How to Obtain a Certificate for your Picture Perfect Web Server
How to Obtain a Certificate for
your Picture Perfect Web Server
When you install the Picture Perfect Web
Browser, you will be given the opportunity to
generate a Certificate Signing Request (CSR).
You can then obtain a Certificate for your
Picture Perfect server from a CA by providing
them with the CSR along with the necessary
paperwork.
There are a number of certificate authorities that
will issue a certificate for your server. The most
well known and trusted authorities are
Verisign™ (http://www.verisign.com) and
Thawte Consulting (http://www.thawte.com).
Obtaining a certificate from Verisign is
significantly more expensive than obtaining a
certificate from Thawte. The reason for this is
that a Thawte certificate will not work with
older-version Web browsers. However, in order
to use the Picture Perfect Web Browser, you
must be using a current-version Web browser.
Any browser that works with the Picture Perfect
Web Browser will not have a problem with a
Thawte certificate. Therefore a certificate from
either CA will work.
In order to obtain a Certificate, you will need to
provide the CA with the following:
❐
Proof of organization name.
❐
Proof of right to use domain name.
❐
Letter of Authorization.
❐
6.14
CSR (Certificate Signing Request).
Secure Socket Layer
6
Proof of Organization Name
Companies, Corporations, Incorporations
For example: Inc., (Pty) Ltd., Plc., B.V.,
S.A. GmbH
You will be required to provide a copy of your
official company registration documents or
certificate of incorporation in your state or
country. CAs are generally very strict, and will
not waive these requirements.
Partnerships
You should be registered with national, state or
local authorities. You will be required to
provide a copy of a form of verifiable proof of
the partnership name.
Proprietorships and DBA's
If you are a sole proprietor or DBA (Doing
Business As), you we will be required to
provide a copy of your DBA registration papers
for local levies and taxes. Any official
correspondence indicating your right to use the
name given on your request will generally be
sufficient, as long as the CA is able to
cross-check with the relevant authority.
6.15
Proof of Right to use Domain Name
Generally, you will not need proof that your
domain is registered to your company exactly as
it appears in your CSR. If you will not be using
the Picture Perfect Web Browser on the Internet,
you probably will not need this.
If your domain is registered to a person, the CA
will generally require a letter authorizing your
organization to use the domain for business
purposes from the person to which the domain
is registered.
If you are a subdivision of the company who
owns the domain, the CA will require a letter of
proof.
If your domain is registered to a company and
you have subsequently changed the
organization name in any way, the CA will
require documentation of proof.
Letter of Authorization
You will need a signed letter from a
high-ranking individual in the organization
authorizing the use of a Certificate to
authenticate the company during secure online
communications. This letter must be printed on
the organization's letterhead. The CA requires
this proof to prevent unauthorized individuals
within an organization from creating an
authenticated electronic presence for the
organization without proper clearance. The
letter needs to establish that the organization's
decision-makers have agreed to the use of a
6.16
6_security.fm Page 17 Monday, January 13, 2003 4:22 PM
Secure Socket Layer
6
Certificate, and must be signed by the
decision-maker and not by someone on their
behalf. The letter may also be required to
authorize a credit card charge to cover the cost
of the certificate.
The CSR (Certificate Signing Request)
A CSR is a block of encrypted code generated by
your server, which contains the unique
information about your server that is necessary
for the CA to generate your certificate. Once you
obtain your certificate, you will need to install
the certification on your server before you can
use the SSL feature.
➤ To copy your CSR:
1. Log in to the server as root.
2. A # prompt will display.
3. Type the following to open the log file
containing the CSR that was generated in
the section, “Generating a Certificate
Signing Request (CSR)” on page 3.14.
cd
/opt/tarantella/bin
./ppwbcert.txt
Enter
Enter
4. Using FTP or a diskette, transfer the file to a
Windows PC.
6.17
6. From the Windows PC, open the file in
Notepad and using your mouse, select the
text indicated in Figure 6-10.
Figure 6-10. Sample CSR Log File
7. From the Edit menu, select Copy.
8. Paste the selected text into a file and forward
it as instructed by your CA: Verisign™
(http://www.verisign.com) or Thawte
Consulting (http://www.thawte.com).
9. When you receive the certificate from the
CA, you will need to install it. For
instructions on installing your certificate,
refer to “The CSR (Certificate Signing
Request)” on page 6.17.
6.18
Secure Socket Layer
6
➤ To install your certificate:
Your certificate will either be e-mailed to you or
you will be instructed to download it.
1. Once you have received your certificate
from the CA, save the certificate as a text file
somewhere on the Picture Perfect host. For
example:
/tmp/cert.txt
Enter
2. Type the following three commands on your
Picture Perfect host:
Enter
./tarantella security certuse </tmp/cert.txt
./tarantella security start
NOTE
Enter
Enter
The path to the certificate file should be to the
directory in which it was saved, as in our example:
/tmp/cert.txt
6.19
NOTES
6.20
Customer Survey
Title of this book: Picture Perfect 2.0 Web Browser Version 1.4
Operator’s Guide
My overall rating of this book:
❐
❐
❐
❐
❐
❐
Excellent
Very good
Good
Satisfactory
Fair
Poor
What I liked most about this book:
What I would change, add, delete, etc. in future editions of this
book:
Please return this form to:
Attn: Technical Writing
GE Interlogix, CASI Division
791 Park of Commerce Blvd. Suite 100
Boca Raton, FL 33487
or e-mail your comments to:
[email protected]
Despite rigorous product testing, some problems cannot be detected in advance. Please let us
know if you discover any defects in our software. We value your feedback and want to ensure that
our software meets your expectations.
Software Defect Report
Date:_________________
First Name:_________________ Last Name:________________________
Company Name:_______________________________________________
Phone:_____-_______________ e-mail:____________________________
GE Interlogix Business Partner:__________________________________
Contact:______________________________________________________
Application Software:_______________________
Version:__________
HW Model:__________________________ OS Version:________________
Hardware
Platform:
Operating
System:
Severity:
Replication:
❐ Intel PC
❐ RS/6000
❐ Windows
❐ Linux
❐ AIX
❐ Cosmetic
❐ Undesirable
❐ Application Crash
❐ System Crash
❐ Data Loss
❐ Every Time
❐ Frequent
❐ Intermittent
❐ One Occurrence Only
Problem Description:
(Please be as specific as possible, and explain what you were doing when the problem occurred.)
Please fax this form to:
GE Interlogix Customer Support
(561) 998-6233

Picture Perfect 2.0 Web Browser Version 1.4 Operator`s Guide

Transcription

Similar documents

Supported Browsers - 360 Federal Credit Union

ekool esitlus 06_01_10.key

here

Atlantis Energy Systems Inc.

margauxlicious: Travel | The Black Swan, Singapore

Together Middlesbrough March 2015 Newsletter

Certificate of Registration Evans Chemetics LP

Certificate of Registration Glasseal Products Inc.

Certificate of Registration Lyn

The Way to San Jose - Things to Do