MTU ISO - Quick Start

  1. The first thing you need to do is register your site, application, or service to get an MTU ISO ID number. You can do this by visiting the MTU ISO Application Registration site. Note that you will have to login, using your MTU ISO login ID and password, to register. Once you have filled out everything write down the application ID you are given.

  2. This is the scary part for some people, but it's really not that bad. This is where you get to compile some things from source. The first thing you need to build is the MTU ISO shared library. Please see the instructions on how to build the MTU ISO library.

    Now that the library is compiled and installed, you can build the Apache module. See the appropriate instructions below.

  3. Now you need to create what is called a public and private key pair. This gets into digital encryption technology which is more math than computer related. Fortunately we provid a web application you can use to Generate a public/private key pair.

  4. You will need to save the PRIVATE KEY and CERTIFICATE (also called the public key) to two separate files. These files will need to be stored on the web server at some point, via SFTP, or whatever transfer method you currently use. I recommend putting them in a directory named mtuiso in your home directory, NOT in your public_html folder. Remember the passphrase you used for the private key! We'll need it later.

  5. You will need to obtain the MTU global certificate authority. You can get it here. This file will have to be stored on the web server as well. I recommend naming it mtuca.crt.

  6. We should now have all of the pieces we need to create the final file. This is the .htaccess file. The .htaccess file goes in the folder with the data you want to protect. The web server reads this file before doing anything else so you can tell it if you want it to do something special, like make sure someone has logged into the MTU ISO system before seeing your data. Again, some nice person has provided a web application to help you Create a .htaccess file for use with MTU ISO. The fields with "*" by them are required.

    The Global Cookie Name and Local Cookie Name cannot be the same.

    The Global Public Certificate file is always /usr/local/mtuiso/mtuca.crt for you.

    You should uncheck the Local Cookie Secure box, unless you have a server certificate. If you don't know what that is, uncheck the box.

    The Local Private CA key is the path to the file you stored the private key in, on the server. It is likely something like /home//mtuiso/mtuiso.key, where is your organization's userid.

    The Local Private CA Passphrase is the passphrase for the key I told you to remember earlier.

    The Local Public CA cert is the path to the file you stored the public key in, on the server. It is likely something like /home//mtuiso/mtuiso.crt, where is your organization's userid.

    If you are uncertain about a field that is not required, just leave it blank.

    The Require directives you are allowed to use on this server are valid-user and User. If you choose User, you must provide a list of MTU userids allowed to see the content. Any MTU userid can be used.

    The generated text can be cut and paste into a text file named ".htaccess", without the quotes. The .htaccess file must be placed in the directory with the content you wish to protect and it must be named .htaccess.

If you have questions after following the above steps please contact itss @ mtu.edu.

For more information about the MTU ISO system please look around the rest of this site.