Руководство Пользователя для Cisco Cisco Tidal Enterprise Scheduler 6.2
2-13
Cisco Tidal Enterprise Scheduler Remote Job Adapter Guide
6.2.1
Chapter 2 Configuring the Remote Job Adapter
Configuring a Windows Agent to be a Remote Job Adapter Proxy
makecert -r -pe -n "CN=localhost" -eku 1.3.6.1.5.5.7.3.1 -ss my -sr
localMachine -sky exchange
This will create the certificate and install it (named "localhost") in the certificate store.
Note
makecert is available in the SDK if you have Visual Studio 2005 installed (Microsoft Visual
Studio 8\SDK\v2.0\Bin). There are other ways to get a certificate. An internet search will give
you several options.
Studio 8\SDK\v2.0\Bin). There are other ways to get a certificate. An internet search will give
you several options.
Step 2
Start Microsoft Management Console (mmc) and copy the certifcate "local" located in
Personal\Certificates
into
Trusted Root Certification Authorities\Certificates
.
Step 3
In the DOS prompt (Command shell) run:
For pre-2008 systems:
httpcfg.exe set ssl -i 0.0.0.0:50001 -c "Root" -h XXXXX
where:
0.0.0.0:50001
is the IP and port (this is for https://localhost:50001)
XXXXX
is the Thumbprint value of the local certificate.
To obtain the thrumbprint of a certificate:
a.
Open the certificate and then click on the
Details
tab.
b.
Copy the thumbprint and delete all blanks (spaces) between numbers in 'Thumbprint'.
Note
The Windows XP Service Pack 2 Support Tools download contains httpcfg.exe. However, this is
an optional install element and you have to select the Optional Tools item to have it install
httpcfg.exe.
an optional install element and you have to select the Optional Tools item to have it install
httpcfg.exe.
It is critical that the name after '-c' in the httpcfg set matches the Store that the certificate is in,
Root is recommended (see
It is critical that the name after '-c' in the httpcfg set matches the Store that the certificate is in,
Root is recommended (see
Store Names
•
AddressBook
– The X.509 certificate store for other users.
•
AuthRoot
– The X.509 certificate store for third-party certificate authorities (CAs).
•
CertificateAuthority
– The X.509 certificate store for intermediate certificate authorities
(CAs).
•
Disallowed
– The X.509 certificate store for revoked certificates.
•
My
– The X.509 certificate store for personal certificates.
•
Root
– The X.509 certificate store for trusted root certificate authorities (CAs).
•
TrustedPeople
– The X.509 certificate store for directly trusted people and resources.
•
TrustedPublisher
– The X.509 certificate store for directly trusted publishers.
For post-2008 systems
netsh http add sslcert ipport=0.0.0.0:50001 certhash=XXXX appid={YYYYYY}
where:
ipport=0.0.0.0:50001
is the IP and port. This is for https://localhost:50001.