More actions
(Created page with "This is simple a guide for requesting access to meet.posixlycorrect.com using easyrsa.") |
No edit summary |
||
Line 1: | Line 1: | ||
This is simple a guide for requesting access to [[meet.posixlycorrect.com]] using easyrsa. | This is simple a guide for requesting access to [[meet.posixlycorrect.com]] using easyrsa. | ||
== Pre-requisites == | |||
# Firefox, or any other browser that can import certificates. | |||
# A Linux distro with easyrsa and openssl installed. | |||
== Requesting meet access == | |||
=== Setting up easyrsa and generating request === | |||
# Install easyrsa using your distro's package manager. | |||
# Create an empty directory where you'll have your easyrsa setup. | |||
# Initialize your pki: | |||
$ easyrsa init-pki | |||
# Generate a request with easyrsa: | |||
$ easyrsa gen-req <name> | |||
# Send the resulting request via email to the signing authority. In this case, that would be [mailto:fabian@posixlycorrect.com fabian@posixlycorrect.com]. | |||
=== Accepting requests === | |||
This part of the guide is meant as a reference for the admins, if you're just requesting access, skip to the next section. | |||
# Take the received request and place it in <code>pki/reqs</code>. | |||
# Sign the request: | |||
$ easyrsa sign-req client <request name> | |||
# Send back the signed request. | |||
=== Building your certificate === | |||
# Take meet's public certificate, available bellow, and place it in an empty file. | |||
-----BEGIN CERTIFICATE----- | |||
MIIDijCCAnKgAwIBAgIUQCBAoFSQrYx063PnK3XKiOJSpvQwDQYJKoZIhvcNAQEL | |||
BQAwKzEpMCcGA1UEAwwgcG9zaXhseWNvcnJlY3QuY29tIGdhdGVrZWVwZXIgQ0Ew | |||
HhcNMjQwODAyMDcxNzE4WhcNMzQwNzMxMDcxNzE4WjArMSkwJwYDVQQDDCBwb3Np | |||
eGx5Y29ycmVjdC5jb20gZ2F0ZWtlZXBlciBDQTCCASIwDQYJKoZIhvcNAQEBBQAD | |||
ggEPADCCAQoCggEBAKxjqIpRxIu2yPejUbyMixZACESrbmIGOhhxwUu1ys6aYPOZ | |||
7yQMs5xuJXcgCuD7Oba1eBi+CpLhyvgZlyLrCfxoCzTdAeeXq0EB7YUn8IYEN3dR | |||
e+yds//zkjRzbXAaIbUoAF8XaXgylOSIXLNrh0TTjNscC+TPYvKSbaDhdICOZ1ky | |||
u08w5QdOoi1W8FNJd4LKIKWQZW3dMeNaBbKnt9R4mjL28tE5gP6ZYUvcCIoqYAbE | |||
DSNq29lXsmDzbD914bN5wYoTP3A+k8QG6eYGb10YgaaJ0TBxeLzadVBq7gFylMt3 | |||
1LTNmH/v+l73IYfiDV4O3d33cg0VOKqiD48WCnkCAwEAAaOBpTCBojAMBgNVHRME | |||
BTADAQH/MB0GA1UdDgQWBBStVj4YoMTnD+XZ+doBI7Ao17Gg3DBmBgNVHSMEXzBd | |||
gBStVj4YoMTnD+XZ+doBI7Ao17Gg3KEvpC0wKzEpMCcGA1UEAwwgcG9zaXhseWNv | |||
cnJlY3QuY29tIGdhdGVrZWVwZXIgQ0GCFEAgQKBUkK2MdOtz5yt1yojiUqb0MAsG | |||
A1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAZgbpPdkhAbrbA7Y63WI2Bo26 | |||
tPVCZpsEKiwpyEbDDC+NVrbOit1kQg/j26RuXLDVg19IfXk407FVFVGYVJNE+kXt | |||
KjyKCGyyZUBQRebCN8kzFsCQ/AJSfzNKQhEK68rchSH66mbjtOtItkdVZRnq0pWI | |||
7WXlTIxK8KTcAx2V/ijyalCENUpwRWfM4Qnkqsi82Dx9e8V0TRCLomW7IQok4dre | |||
F6IolUHw9ZuSC10/T8n8+riqWBWEisBGLz79OrdETdHK9A5gpNHRF+sO9JAhVr/t | |||
exBWTEJ33BeI0NX87d0Pneun4nss5FsLst+Ut7Y0F2QF2Iar1iERUalHVIjCtA== | |||
-----END CERTIFICATE----- | |||
# Concatenate your signed certificate and meet's public certificate: | |||
$ cat your_cert.crt meets_cert.crt > fullchain.crt | |||
# Generate a certificate that a browser can import: | |||
$ openssl pkcs12 -export -legacy -in fullchain.crt -inkey your_private_key.key -out final-fullchain-key.p12 | |||
=== Adding the certificate to Firefox === | |||
{{Tip|If you don't have Firefox, check out [https://support.mozilla.org/en-US/kb/switching-chrome-firefox this useful page].}} | |||
# Go to settings | |||
# Search for Certificates in the search bar. | |||
# Click on {{ic|View Certificates}} | |||
# Select the {{ic|Your Certificates}} tab. | |||
# {{ic|Import}} your generated certificate. |
Revision as of 16:53, 2 August 2024
This is simple a guide for requesting access to meet.posixlycorrect.com using easyrsa.
Pre-requisites
- Firefox, or any other browser that can import certificates.
- A Linux distro with easyrsa and openssl installed.
Requesting meet access
Setting up easyrsa and generating request
- Install easyrsa using your distro's package manager.
- Create an empty directory where you'll have your easyrsa setup.
- Initialize your pki:
$ easyrsa init-pki
- Generate a request with easyrsa:
$ easyrsa gen-req <name>
- Send the resulting request via email to the signing authority. In this case, that would be fabian@posixlycorrect.com.
Accepting requests
This part of the guide is meant as a reference for the admins, if you're just requesting access, skip to the next section.
- Take the received request and place it in
pki/reqs
. - Sign the request:
$ easyrsa sign-req client <request name>
- Send back the signed request.
Building your certificate
- Take meet's public certificate, available bellow, and place it in an empty file.
-----BEGIN CERTIFICATE----- MIIDijCCAnKgAwIBAgIUQCBAoFSQrYx063PnK3XKiOJSpvQwDQYJKoZIhvcNAQEL BQAwKzEpMCcGA1UEAwwgcG9zaXhseWNvcnJlY3QuY29tIGdhdGVrZWVwZXIgQ0Ew HhcNMjQwODAyMDcxNzE4WhcNMzQwNzMxMDcxNzE4WjArMSkwJwYDVQQDDCBwb3Np eGx5Y29ycmVjdC5jb20gZ2F0ZWtlZXBlciBDQTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAKxjqIpRxIu2yPejUbyMixZACESrbmIGOhhxwUu1ys6aYPOZ 7yQMs5xuJXcgCuD7Oba1eBi+CpLhyvgZlyLrCfxoCzTdAeeXq0EB7YUn8IYEN3dR e+yds//zkjRzbXAaIbUoAF8XaXgylOSIXLNrh0TTjNscC+TPYvKSbaDhdICOZ1ky u08w5QdOoi1W8FNJd4LKIKWQZW3dMeNaBbKnt9R4mjL28tE5gP6ZYUvcCIoqYAbE DSNq29lXsmDzbD914bN5wYoTP3A+k8QG6eYGb10YgaaJ0TBxeLzadVBq7gFylMt3 1LTNmH/v+l73IYfiDV4O3d33cg0VOKqiD48WCnkCAwEAAaOBpTCBojAMBgNVHRME BTADAQH/MB0GA1UdDgQWBBStVj4YoMTnD+XZ+doBI7Ao17Gg3DBmBgNVHSMEXzBd gBStVj4YoMTnD+XZ+doBI7Ao17Gg3KEvpC0wKzEpMCcGA1UEAwwgcG9zaXhseWNv cnJlY3QuY29tIGdhdGVrZWVwZXIgQ0GCFEAgQKBUkK2MdOtz5yt1yojiUqb0MAsG A1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAZgbpPdkhAbrbA7Y63WI2Bo26 tPVCZpsEKiwpyEbDDC+NVrbOit1kQg/j26RuXLDVg19IfXk407FVFVGYVJNE+kXt KjyKCGyyZUBQRebCN8kzFsCQ/AJSfzNKQhEK68rchSH66mbjtOtItkdVZRnq0pWI 7WXlTIxK8KTcAx2V/ijyalCENUpwRWfM4Qnkqsi82Dx9e8V0TRCLomW7IQok4dre F6IolUHw9ZuSC10/T8n8+riqWBWEisBGLz79OrdETdHK9A5gpNHRF+sO9JAhVr/t exBWTEJ33BeI0NX87d0Pneun4nss5FsLst+Ut7Y0F2QF2Iar1iERUalHVIjCtA== -----END CERTIFICATE-----
- Concatenate your signed certificate and meet's public certificate:
$ cat your_cert.crt meets_cert.crt > fullchain.crt
- Generate a certificate that a browser can import:
$ openssl pkcs12 -export -legacy -in fullchain.crt -inkey your_private_key.key -out final-fullchain-key.p12
Adding the certificate to Firefox
Tip: If you don't have Firefox, check out this useful page.
- Go to settings
- Search for Certificates in the search bar.
- Click on
View Certificates
- Select the
Your Certificates
tab. Import
your generated certificate.