Sample online CA for Netscape & Microsoft products 
==================================================

This directory houses sample servlets which service certification
requests from Netscape Communicator or Microsoft Internet Explorer.
The certificates returned can then be used for SSL client authentication
(Communicator or IE) and S/MIME secured email (Messenger or Outlook).

This example requires the Java Servlet Development Kit (JSDK) 2.1 from
Sun. Preferably, servlet.jar & server.jar from this distribution, together 
with jcsi.jar from the current JCSI distribution should all be in the 
extensions sub-directory on your system.

The webserver supplied with JSDK 2.1 is used to run the servlet. It should
be easy to adapt the setup to the servlet-capable Web server of your
choice.


Contents
--------

  README          this document
  jcsi/           source code
  classes/        compiled .class files
  Makefile        a Unix Makefile in case re-compilation is necessary
  startCA         a Unix shell script to start the web server
  webpages/       a directory for web pages and servlets
  work/           a directory for temporary files generated by the server

Re-compilation
--------------

Compiled classes for the sample programs are included in the classes/
directory for convenience. If re-compilation is necessary (for instance,
if you change the source code), the included Makefile should suffice.

The servlets
------------

Three servlets are supplied. jcsi.servlet.CACertServlet returns a CA
certificate to the browser. jcs.servlet.NetscapeServlet takes a certification
request sent from Netscape Communicator and returns a certificate generated
by the CA. jcsi.servlet.MicrosoftServlet takes a certification request
sent from Microsoft Internet Explorer and returns a certificate generated
by the CA.

To run them, make sure the Setup instructions below have been followed.
Then execute the Unix shell script ./startCA (without any command-line
parameters) tp put the webserver to listen on port 8080 on the local host.

Then aim your browser of choice at the URL

  http://localhost:8080

and follow the instructions on the page.

The returned and installed certificate can be used for SSL client 
authentication (try the SSL example) or S/MIME secured mail (try sending
yourself an encrypted message).


Setup
-----

This distribution contains jar files, compiled classes & key files,
sufficient to run both the sample programs in this directory. 

Be sure to follow these instructions:

  0. Make sure you have JDK 1.2 properly set up, and the DSTC provider
     configured (See the top-level README if necessary)

  1. Make a copy of the <jcsi_install_dir>/.jcsi/ sub-directory under
     your home directory.

  2. In the file ca.properties in <your_home_directory>/.jcsi/, change
     the 'jcsi.ca.key.dir' entry to point to the full pathname of the
     <your_home_directory>/.jcsi/keys/ directory.

     (for Windows use "\\" as the path separator,
      eg. C:\\WINNT\\Profiles\\Administrator\\.jcsi\\keys)

