This project requires you to use many of the skills and techniques learned previously. You will not be given step-by-step directions; instead you will be given tasks to do. This is similar to the directions you might receive on the job.
For this project, you will add encryption to your web and email services. This means creating a PKI certificate for each service. Self-signed certificates are fine for this project, or you can obtain a real one (see the hints section below). You will need to support access from your second host to each service on your first host.
Perform the following tasks:
index.htmlfile to your website's DOCROOT, just so something shows. (It should have a link to your web-based email service.)
The following tasks are optional, and not required for this project. (I really doubt any student will have sufficient time to complete these extra tasks!) For a real-word email service, you will need to do more than encrypt the connections. Real-word web services support protected content, requiring authentication of users in addition to encryption.
The optional tasks are:
Use the walk-throughs and other resources found on our class web
Also, remember you can test email using
telnet localhost 25.
If you want to test STARTTLS too, you need a client that
can handle the encryption;
Here's one good way (mailserver is your mail server's DNS
name or IP):
openssl s_client -connect mailserver:25 -starttls smtp -prexit
Here is a list of certificate authorities that offer free SSL/TLS certificates:
Update: Ignore that list and use Let's Encrypt, which provides free web server certificates. The certificates expire after 90 days but can be automatically renewed. To use the certificate could not be easier:
sudo dnf install python-certbot-apache sudo certbot --apache
That will generate the Let's Encrypt certificate, install it, and automatically configure the Apache web server to use it! For more information on this, visit certbot.eff.org.
A copy of your journal pages describing each task you performed. You can send as email to (preferred). If email is a problem for some reason, you may turn in a hard-copy. In this case the pages should be readable, dated, and stapled together. Your name should appear on the first page.
Don't turn in your whole journal, just a copy of the relevant sections. It is common in fact to keep the journal as a text file on the system (with a paper backup of course).
Please see your syllabus for more information about submitting projects.