This is a diff between 1.1 and 1.2 revisions:

* [[http://test.foafssl.org/cert/][WebID Protocol Certificate Generation page]] * [[https://foaf.me/simpleLogin.php][Test WebID Protocol Certificate page]] * [[http://esw.w3.org/topic/foaf+ssl][WebID Protocol Specification]] * [[ODSBriefcaseWebIDShareFile][ODS Briefcase WebID Protocol Share File Guide]] * [[ODSWebIDIdpProxy][Using Virtuoso's WebID Identity Provider (IdP) Proxy Service with an X.509 certificate]] * [[ODSWebIDIdP][Using Virtuoso's WebID Verification Proxy Service with a WebID-bearing X.509 certificate]] * [[ODSGenerateWebIDX509CertBrsKeystore][Generate an X.509 Certificate (with a WebID watermark) to be managed by a browser-based keystore]] * [[ODSGenerateWebIDX509CertOSKeystore][Generate an X.509 Certificate (with a WebID watermark) to be managed by host operating system keystore]] * [[OdsKeyImport][CA Keys Import using Conductor]] * [[VirtPubSubHubACL][Setting Up PubSubHub to use WebID Protocol or IP based control lists]] * [[VirtFeedPubSubHub][Feed subscription via PubSubHub protocol Example ]] * [[VirtPubSubHub][PubSubHubBub Demo Client Example]] * [[VirtODSPubSubHub][Setting up PubSubHub in ODS]] * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSetupSSL][Configure Virtuoso instance as an X.509 Certificate Authority and HTTPS listener]] * [[ODSSetupSSL][Configure Virtuoso+ODS instance as an X.509 Certificate Authority and HTTPS listener]] * [[ODSPkiSetup][Guide for Set up a X.509 certificate issuer and HTTPS listener and generate ODS user certificates]] * [[ODSAddressBookWebIDACLPublic][Public Specific ACL for anyone with a WebID]] * [[ODSAddressBookWebIDACLGroup][Group Entity Specific ACL]] * [[ODSAddressBookWebIDACLPerson][Person Entity Specific ACL]] * [[ODSAddressBookWebIDACL][ODS Addressbook WebID based ACL Guide]] * [[ODSBookmarksWebIDACLPublic][Public Specific ACL for anyone with a WebID]] * [[ODSBookmarksWebIDACLGroup][Group Entity Specific ACL]] * [[ODSBookmarksWebIDACLPerson][Person Entity Specific ACL]] * [[ODSBookmarksWebIDACL][ODS Bookmark Manager WebID based ACL Guide]] * [[ODSCalendarWebIDACLPublic][Public Specific ACL for anyone with a WebID]] * [[ODSCalendarWebIDACLGroup][Group Entity Specific ACL]] * [[ODSCalendarWebIDACLPerson][Person Entity Specific ACL]] * [[ODSCalendarWebIDACL][ODS Calendar WebID based ACL Guide]] * [[ODSFeedManagerWebIDACLPublic][Public Specific ACL for anyone with a WebID]] * [[ODSFeedManagerWebIDACLGroup][Group Entity Specific ACL]] * [[ODSFeedManagerWebIDACLPerson][Person Entity Specific ACL]] * [[ODSFeedManagerWebIDACL][ODS Feed Manager WebID based ACL Guide]] * [[ODSBriefcaseWebIDPublic][Public WebID based ACL Guide]] * [[ODSBriefcaseWebIDGroup][Group Entity WebID based ACL Guide]] * [[ODSBriefcaseWebIDPerson][Person Entity WebID based ACL Guide]] * [[ODSBriefcaseWebID][ODS Briefcase WebID based ACL Guide]] * Manage ODS Datadspaces Objects WebID Access Control Lists (ACLs): * [[VirtODSSecurityWebID][WebID Protocol Support in OpenLink Data Spaces]]. * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSPARQLSSL][Manage a SPARQL-WebID based Endpoint]] * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtAuthServerUI][Virtuoso Authentication Server UI]] * [[OdsSPARQLAuth][SPARUL over SPARQL using the http://cname:port/sparql-auth endpoint]] * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtTipsAndTricksGuideSPARQLEndpoints][Securing SPARQL endpoints]] * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtOAuthSPARQL][SPARQL OAuth Tutorial]] * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSPARQLSecurityWebID][WebID Protocol & SPARQL Endpoint ACLs Tutorial]] * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSPARQLDET][SPARQL Endpoint DET Configuration Guide]] * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtTipsAndTricksGuide][Virtuoso Tips and Tricks Collection]] * [[http://docs.openlinksw.com/virtuoso/rdfsparql.html][SPARQL]] * [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#sparqwebservicetbl][Managing a SPARQL Web Service Endpoint]] * [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#rdfsupportedprotocolendpointuri][Service Endpoint Security]] * [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#rdfsupportedprotocolendpoint][SPARQL Service Endpoint]] * [[http://docs.openlinksw.com/virtuoso/][Virtuoso documentation]] * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtTipsAndTricksGuideSPARQLEndpointProtection][SPARQL Endpoint Protection Methods Collection]] * [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSPARQLEndpointProtection][Safeguarding your Virtuoso-hosted SPARQL Endpoint]] * [[http://www.youtube.com/watch?v=eXoxUo7Py4M&feature=share][Using Safari to Demonstrate WebID + OpenID Hybrid Protocol Power!]] * [[http://www.youtube.com/watch?v=gzqHVUb3qrw&feature=share][Power of WebID + OpenID Hybrid Protocol via Internet Explorer & Windows]]---++Related * <b>Windows:</b> OpenSSL is not needed. The Windows-native keystore lets you create certificates, based on Microsoft's root CA. * <b>Mac OS X:</b> OpenSSL is not needed. The Mac-native keystore lets you create certificates, based on Apple's root CA.---++++ OS-Specific Notes * <b>Opera:</b> You must import the Private Key into the OS- and/or Browser-based keystore(s) using the relevant import mechanism. * <b>Firefox:</b> You must import the Private Key into the OS- and/or Browser-based keystore(s) using the relevant import mechanism.---++++ Browser-Specific Notes 1 [[http://ods.openlinksw.com/wiki/ODS/VirtODSSecurityWebID#Test%20the%20setup][Test the setup]]. 1 [[http://ods.openlinksw.com/wiki/ODS/VirtODSSecurityWebID#Configure%20your%20ODS%20Account%20to%20use%20the%20WebID%20Protocol][Configure your ODS Account to use the WebID Protocol]]. 1 [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSetupSSLFileSystem][Set up HTTPS Support in Virtuoso]]. 1 [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtGenerateX509Cert][Generate x.509 Certificate]].---++++Basic StepsYou can manually use OpenSSL to generate the certificate, and then import that Certificate to ODS through its PEM Import UI. Then, both Certificate and Private Key must be imported into the OS- and/or browser-based keystore. Finally, the Cert results in ---+++ Using openssl 1. Import the generated Cert in ODS by pasting its content in the X.509 Certificate text-area presented at <b><i>User Profile -> Edit -> Security -> X.509 Certificates</i></b> tab page. 1. [[http://technet.microsoft.com/en-us/library/bb727068.aspx][Generate Certificate Guide]]. 1. [[http://swimmingpooldotnet.wordpress.com/2009/12/15/how-to-view-local-machine-keystore-windows-xp/][View Local Machine KeyStore and enable a snap-in]].---+++ Using Windows-Native Keystore * [[ODSGenerateWebIDX509CertOSKeystore][Generate an X.509 Certificate with a WebID watermark that's stored by OS keystore]]---+++ Using Virtuoso Certificate Generation Wizard (Windows only) * [[ODSGenerateWebIDX509CertBrsKeystore][Generate an X.509 Certificate with a WebID watermark that's stored by browser keystore]]---+++ Using ODS---++ X.509 Certificate Generation Methods| *Safari* | <code><nowiki>&lt;keygen/&gt;</nowiki></code> | Y | N | || *Opera* | <code><nowiki>&lt;keygen/&gt;</nowiki></code> | N | Y | || *IE* | Windows-native generator | Y %BR% (Windows only) | N | Best reserved for advanced users. || *IE* | <nop>OpenLink X.509 Certificate Generator plug-in | Y | N | When using the user-friendly, Wizard-style interface of this plug-in, you (the issuer) must create a root CA certificate before generating any WebID-watermarked certificates. || *Firefox* | <code><nowiki>&lt;keygen/&gt;</nowiki></code> | N | Y | || *Firefox* | .NET-based browser plug-in | Y | N | || *Chrome* | <code><nowiki>&lt;keygen/&gt;</nowiki></code> | Y | N | || *Browser* | *Generation* | *OS-based Keystore* | *Browser-based Keystore* | *Notes* |---++Certificate Generation & Keystore ManagementBelow, we cover certificate generation for several browsers, with keystore persistence handled variously by the host operating system or the Browser.With ODS, certificate generation is typically done through a web browser. The specific process varies because each browser vendor has chosen their own approach to manage Certificates and their associated Private Keys.Thanks to its Virtuoso underpinnings, ODS possesses built-in functionality for generating X.509 Certificates with WebID watermarks. ---++How are X.509 Certificates generated? X.509 Certificates provide an elegant alternative which is more easily maintained, with a more streamlined user experience overall.Password-based authentication is inherently difficult to maintain, and presents an awkward option in the context of RESTful client/server interactions over local and wide area networks (LANs and WANs).---++Why use X.509 Certificates for Authentication?%TOC%---+ Generating WebID-watermarked X.509 Certificates for Use with ODS