windows-certificates

Getting SSL Access to the TOVA Server

  • Note: please make sure that the Windows "hide common file extensions" is turned off, so that you see "file.txt" instead of just "file".
    • In any folder, select the "View" tab and check the box called "File name extensions" on the right side.

Part 1: Download the tools

  1. Download the TOVA SSL tools: https://temp.tovacompany.com/hidden/stunnel/tova-stunnel-x86_64.zip
  2. Double click on the ZIP file.
  3. Drag the contents, a folder called tova-stunnel-x86_64, onto your Desktop.

Part 2: Generate an x509 key and a Certificate Signing Request (CSR)

  1. Open up the tova-stunnel-x86_64 folder and double click on request.bat.
    • If Windows "protected your PC", click on 'More Info' and then 'Run Anyway'.
  2. A command-line window will open.
  3. Type in a temporary password for your key. You'll only need this password for this process.
  4. Fill in all of your information, including your location, name, and email address.
  5. A certificate will be generated, stored in a local 'certificates' folder, and magically sent to the TOVA admins.
  6. Hit any key to close the window.
  7. Don't forget that temporary password!

Part 3: Get the signed certificate

  1. The TOVA admins will ask if that was you, then sign your certificate.
  2. You'll get an email with an email with a link to your new certificate.
  3. Copy the first link in the email.
  4. Start up Chrome, Microsoft Edge, or Microsoft IE. Do not use FireFox. Paste in the link, and it should begin downloading the file user.crt.
  5. Save the file, or move it later, into the certificates folder in the tova-stunnel-x86_64 folder that's on your desktop.

Part 4: Generating a P12 file from key and signed certificate

  1. Double click on repackage.bat in the tova-stunnel-x86_64 folder.
    • If Windows "protected your PC", click on 'More Info' and then 'Run Anyway'.
  2. A command-line window will open.
  3. If it complains about not finding the file, rename the .ucert to match the file it's looking for and start this part over.
  4. Enter in the password you type in above in Part 2.
  5. A P12 file will be generated in the certificates folder.
  6. Hit any key to close the window.

Part 5: Install certificate into Windows

  1. Open up the certificates folder in the tova-stunnel-x86_64 folder that's on your desktop.
  2. Double click on the file that ends in .p12 in the tova-stunnel-x86_64 folder.
    • If you want to double check: if you hover over that file, it's called a "Personal Information Exchange" file.
  3. The Windows Certificate Import Wizard should open.
  4. Repeatedly hit 'Next' until it asks for your password.
  5. Enter in the password you type in above in Part 2. Now you can forget this password :)
  6. Keep clicking 'Next' and finally 'Finish'.
  7. You should get a dialog that says "The import was successful."

What works now