1
edit
Changes
no edit summary
Add bridge hostname to /etc/hosts:
1) Create the NSS database on the server, to hold the certificate information *AS user '''sigul''' issue the following
[nss]
bridge-hostname: # Put Place sigul bridge hostname here
...
[daemon]
Add hostnames to /etc/hosts:
To begin setup, we have to follow a similar process to the bridge with NSS, except that we will import the CA cert generated on the bridge, not generate a new one locally.
[client]
bridge-hostname: # Place bridge hostname here<BRIDGE HOSTNAME>
...
server-hostname: # Place server hostname here<SERVER HOSTNAME>
...
user-name: # Place your sigul <Sigul username here if it is not the same as 's different from your Linux login>
...
* If you wish to avoid entering an NSS password upon issuing each command, add the following lines:
[nss]
nss-password: <Your NSS PASSPASSWORD>
5) After configuring your client, issue a test client command in DEBUG mode as follows:
#!/bin/bash
#Variables### And initial ##########Initial setup##############
mkdir ~/.sigul
client_dir=~/.sigul
user=$(whoami)
#########################################
echo
########Begin Certificate imports####################Begin Certificate imports
echo "======================="
echo "Setting up NSS Database"
echo "Downloading CA Cert"
echo "==================="
wget http://someurl.com/sigul/sigulca.p12 <-- ###Substitute with a path or url of your exported .p12
echo
echo "=================="
echo "======================"
#########End certificate imports########
######################################## #########NSS password Saver##saver###########
read -p "Would you like to save your nss pass to ~/.sigul/client.conf [y/n]: " nsspasssel
if [ $nsspasssel == "y" -o $nsspasssel == "Y" ]; then
echo "Enter your NSS password One more time: "
rm sigulca.p12
fi
#########################################\
*If you plan to use FAS Authentication, run sigul_setup_client as the user you wish to setup.
