---+ Certificate Authority and Issuer Setup Guide
The following step-by-step guide walks you through the processing of configuring your ODS instance for issuing CA-Authority notarized X.509 certificates for ODS instance users.
---++ Certificate Authority Setup
1 Install the [[http://s3.amazonaws.com/opldownload/uda/vad-packages/6.1/virtuoso/ods_framework_dav.vad][ODS]] and [[http://s3.amazonaws.com/opldownload/uda/vad-packages/6.1/virtuoso/conductor_dav.vad][Virtuoso Conductor]] VAD packages.
1 [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSetupSSLVirtuoso][Bind your Virtuoso HTTPS Listener]] to host a CA-Authority certificate.
---++ ODS Endpoint Configuration
Note: If the DefaultHost setting value in the Virtuoso INI file is changed, the ODS VAD package must be re-installed before the steps below will succeed.
1 Go to *Conductor* -> *System Admin* -> *Security* -> *Public Key Infrastructure* -> *Configure HTTPS Listeners*.
%BR%%BR%%BR%%BR%
1 Click *Configure ODS Endpoints*
%BR%%BR%%BR%%BR%
1 Click *Create New Endpoint*
1 Enter the home path for ODS, and save:
%BR%%BR%%BR%%BR%
1 The new endpoint should now appear in the Endpoints list:
%BR%%BR%%BR%%BR%
1 Go to the HTTPS site, e.g., https://<cname>:<port>/ods/; in our example, https://localhost:4433/ods/.
1 If Firefox is used, it will complain that the certificate is not valid, so we must register the site's certificate.
%BR%%BR%%BR%%BR%
1 To add an exception to the Firefox certificate manager, drill down to *Firefox Tools* -> *Options* -> *View Certificates* -> *Servers* -> *Add Exception*.
%BR%%BR%%BR%%BR%
1 Confirm exception.
%BR%%BR%%BR%%BR%
1 Return to the ODS site, and register new user.
%BR%%BR%%BR%%BR%
1 [[ODSGenerateX509Certificate][Generate an X.509 Certificate for the new user]].
1 Log out from ODS and refresh browser to simulate opening the ODS site.
1 Go to https://<cname>:<ssl-port>/ods/. The browser will ask for a certificate; select the one you generated in the steps above.
%BR%%BR%%BR%%BR%
1 ODS presents your card, and asks whether to login with that certificate. Confirm it.
%BR%%BR%%BR%%BR%
1 You should now be logged in to ODS via WebID Protocol.
%BR%%BR%%BR%%BR%
--++Related
* [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSPARQLEndpointProtection][Safeguarding your Virtuoso-hosted SPARQL Endpoint]]
* [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtTipsAndTricksGuideSPARQLEndpointProtection][SPARQL Endpoint Protection Methods Collection]]
* [[http://docs.openlinksw.com/virtuoso/][Virtuoso documentation]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#rdfsupportedprotocolendpoint][SPARQL Service Endpoint]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#rdfsupportedprotocolendpointuri][Service Endpoint Security]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#sparqwebservicetbl][Managing a SPARQL Web Service Endpoint]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html][SPARQL]]
* [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtTipsAndTricksGuide][Virtuoso Tips and Tricks Collection]]
* [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSPARQLDET][SPARQL Endpoint DET Configuration Guide]]
* [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSPARQLSecurityWebID][WebID Protocol & SPARQL Endpoint ACLs Tutorial]]
* [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtOAuthSPARQL][SPARQL OAuth Tutorial]]
* [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtTipsAndTricksGuideSPARQLEndpoints][Securing SPARQL endpoints]]
* [[OdsSPARQLAuth][SPARUL over SPARQL using the http://cname:port/sparql-auth endpoint]]
* [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtAuthServerUI][Virtuoso Authentication Server UI]]
* [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSPARQLSSL][Manage a SPARQL-WebID based Endpoint]]
* [[ODSSetupSSL][Configure Virtuoso+ODS instance as an X.509 Certificate Authority and HTTPS listener]]
* [[http://virtuoso.openlinksw.com/dataspace/dav/wiki/Main/VirtSetupSSL][Configure Virtuoso instance as an X.509 Certificate Authority and HTTPS listener]]
* [[VirtODSSecurityWebID][WebID Protocol Support in OpenLink Data Spaces]].
* Manage ODS Datadspaces Objects WebID Access Control Lists (ACLs):
* [[ODSBriefcaseWebID][ODS Briefcase WebID based ACL Guide]]
* [[ODSBriefcaseWebIDPerson][Person Entity WebID based ACL Guide]]
* [[ODSBriefcaseWebIDGroup][Group Entity WebID based ACL Guide]]
* [[ODSBriefcaseWebIDPublic][Public WebID based ACL Guide]]
* [[ODSFeedManagerWebIDACL][ODS Feed Manager WebID based ACL Guide]]
* [[ODSFeedManagerWebIDACLPerson][Person Entity Specific ACL]]
* [[ODSFeedManagerWebIDACLGroup][Group Entity Specific ACL]]
* [[ODSFeedManagerWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[ODSCalendarWebIDACL][ODS Calendar WebID based ACL Guide]]
* [[ODSCalendarWebIDACLPerson][Person Entity Specific ACL]]
* [[ODSCalendarWebIDACLGroup][Group Entity Specific ACL]]
* [[ODSCalendarWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[ODSBookmarksWebIDACL][ODS Bookmark Manager WebID based ACL Guide]]
* [[ODSBookmarksWebIDACLPerson][Person Entity Specific ACL]]
* [[ODSBookmarksWebIDACLGroup][Group Entity Specific ACL]]
* [[ODSBookmarksWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[ODSAddressBookWebIDACL][ODS Addressbook WebID based ACL Guide]]
* [[ODSAddressBookWebIDACLPerson][Person Entity Specific ACL]]
* [[ODSAddressBookWebIDACLGroup][Group Entity Specific ACL]]
* [[ODSAddressBookWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[VirtODSPubSubHub][Setting up PubSubHub in ODS]]
* [[VirtPubSubHub][PubSubHubBub Demo Client Example]]
* [[VirtFeedPubSubHub][Feed subscription via PubSubHub protocol Example ]]
* [[VirtPubSubHubACL][Setting Up PubSubHub to use WebID Protocol or IP based control lists]]
* [[OdsKeyImport][CA Keys Import using Conductor]]
* [[VirtODSSecurityWebID][WebID Protocol Support in OpenLink Data Spaces]].
* [[ODSGenerateX509Certificate][Generate an X.509 Certificate hosted WebID Guide]]
* [[ODSGenerateWebIDX509CertOSKeystore][Generate an X.509 Certificate (with a WebID watermark) to be managed by host operating system keystore]]
* [[ODSGenerateWebIDX509CertBrsKeystore][Generate an X.509 Certificate (with a WebID watermark) to be managed by a browser-based keystore]]
* [[ODSWebIDIdP][Using Virtuoso's WebID Verification Proxy Service with a WebID-bearing X.509 certificate]]
* [[ODSWebIDIdpProxy][Using Virtuoso's WebID Identity Provider (IdP) Proxy Service with an X.509 certificate]]
* [[ODSBriefcaseWebIDShareFile][ODS Briefcase WebID Protocol Share File Guide]]
* [[http://esw.w3.org/topic/foaf+ssl][WebID Protocol Specification]]
* [[https://foaf.me/simpleLogin.php][Test WebID Protocol Certificate page]]
* [[http://test.foafssl.org/cert/][WebID Protocol Certificate Generation page]]
CategoryDocumentation CategorySecurity CategoryVirtuoso CategoryFOAF CategoryODS