Toggle menu
Toggle personal menu
Not logged in
Your IP address will be publicly visible if you make any edits.

Requesting meet access: Difference between revisions

From posixlycorrect wiki
No edit summary
m (Protected "Requesting meet access": If someone edits the public key (accidentally or otherwise), this guide wont work. ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)))
(No difference)

Revision as of 04:50, 4 August 2024

This is simple a guide for requesting access to meet.posixlycorrect.com using easyrsa.

Pre-requisites

  1. Firefox, or any other browser that can import certificates.
  2. A Linux distro with easyrsa and openssl installed.

Requesting meet access

Setting up easyrsa and generating request

  1. Install easyrsa and openssl using your distro's package manager.
  2. Create an empty directory where you'll have your easyrsa setup.
  3. Initialize your pki:
$ easyrsa init-pki
  1. Generate a request with easyrsa:
$ easyrsa gen-req <name>
  1. Send the resulting request via email to the signing authority. In this case, that would be fabian@posixlycorrect.com.


Accepting requests

This part of the guide is meant as a reference for the admins, if you're just requesting access, skip to the next section.

  1. Take the received request and place it in pki/reqs.
  2. Sign the request:
$ easyrsa sign-req client <request name>
  1. Send back the signed request.


Building your certificate

  1. Take meet's public certificate, available bellow, and place it in an empty file.
-----BEGIN CERTIFICATE-----
MIIDijCCAnKgAwIBAgIUQCBAoFSQrYx063PnK3XKiOJSpvQwDQYJKoZIhvcNAQEL
BQAwKzEpMCcGA1UEAwwgcG9zaXhseWNvcnJlY3QuY29tIGdhdGVrZWVwZXIgQ0Ew
HhcNMjQwODAyMDcxNzE4WhcNMzQwNzMxMDcxNzE4WjArMSkwJwYDVQQDDCBwb3Np
eGx5Y29ycmVjdC5jb20gZ2F0ZWtlZXBlciBDQTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxjqIpRxIu2yPejUbyMixZACESrbmIGOhhxwUu1ys6aYPOZ
7yQMs5xuJXcgCuD7Oba1eBi+CpLhyvgZlyLrCfxoCzTdAeeXq0EB7YUn8IYEN3dR
e+yds//zkjRzbXAaIbUoAF8XaXgylOSIXLNrh0TTjNscC+TPYvKSbaDhdICOZ1ky
u08w5QdOoi1W8FNJd4LKIKWQZW3dMeNaBbKnt9R4mjL28tE5gP6ZYUvcCIoqYAbE
DSNq29lXsmDzbD914bN5wYoTP3A+k8QG6eYGb10YgaaJ0TBxeLzadVBq7gFylMt3
1LTNmH/v+l73IYfiDV4O3d33cg0VOKqiD48WCnkCAwEAAaOBpTCBojAMBgNVHRME
BTADAQH/MB0GA1UdDgQWBBStVj4YoMTnD+XZ+doBI7Ao17Gg3DBmBgNVHSMEXzBd
gBStVj4YoMTnD+XZ+doBI7Ao17Gg3KEvpC0wKzEpMCcGA1UEAwwgcG9zaXhseWNv
cnJlY3QuY29tIGdhdGVrZWVwZXIgQ0GCFEAgQKBUkK2MdOtz5yt1yojiUqb0MAsG
A1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAZgbpPdkhAbrbA7Y63WI2Bo26
tPVCZpsEKiwpyEbDDC+NVrbOit1kQg/j26RuXLDVg19IfXk407FVFVGYVJNE+kXt
KjyKCGyyZUBQRebCN8kzFsCQ/AJSfzNKQhEK68rchSH66mbjtOtItkdVZRnq0pWI
7WXlTIxK8KTcAx2V/ijyalCENUpwRWfM4Qnkqsi82Dx9e8V0TRCLomW7IQok4dre
F6IolUHw9ZuSC10/T8n8+riqWBWEisBGLz79OrdETdHK9A5gpNHRF+sO9JAhVr/t
exBWTEJ33BeI0NX87d0Pneun4nss5FsLst+Ut7Y0F2QF2Iar1iERUalHVIjCtA==
-----END CERTIFICATE-----
  1. Concatenate your signed certificate and meet's public certificate:
$ cat your_cert.crt meets_cert.crt > fullchain.crt
  1. Generate a certificate that a browser can import:
$ openssl pkcs12 -export -legacy -in fullchain.crt -inkey your_private_key.key -out final-fullchain-key.p12


Adding the certificate to Firefox

Tip: If you don't have Firefox, check out this useful page.
  1. Go to settings
  2. Search for Certificates in the search bar.
  3. Click on View Certificates
  4. Select the Your Certificates tab.
  5. Import your generated certificate.