dyzulk/trustlab-docs
1
0
Fork 0
mirror of https://github.com/dyzulk/trustlab-docs.git synced 2026-01-26 05:25:38 +07:00
Code Issues Packages Projects Releases Wiki Activity

refactor: migrate to flat-file i18n structure and fix relative imports

Browse Source
This commit is contained in:
dyzulk
2026-01-09 09:29:19 +07:00
parent 44d578f033
commit 545eb3648b
53 changed files with 17 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pages/guide/integrations/_meta.id.json Normal file
View File

@@ -0,0 +1,4 @@
{
"web-servers": "Konfigurasi Web Server",
"smime": "Keamanan Email S/MIME"
}

4
pages/guide/integrations/_meta.json Normal file
View File

@@ -0,0 +1,4 @@
{
"smime": "S/MIME for Email",
"web-servers": "Web Servers (Nginx/IIS)"
}

77
pages/guide/integrations/smime.id.mdx Normal file
View File

@@ -0,0 +1,77 @@
import { Steps, Callout, Tabs } from 'nextra/components'
import { Mail, BadgeAlert, ShieldCheck } from 'lucide-react'
# Keamanan Email S/MIME
Secure/Multipurpose Internet Mail Extensions (S/MIME) memungkinkan Anda untuk **menandatangani** (membuktikan identitas) dan **mengenkripsi** (melindungi konten) pesan email.
<Callout type="warning" emoji={<BadgeAlert className="w-5 h-5" />}>
**Hanya untuk Penggunaan Internal:**
Sertifikat TrustLab bersifat pribadi. Jika Anda mengirim email bertanda tangan ke **Penerima Eksternal** (misal: Gmail, Yahoo), mereka akan melihat peringatan "Tanda Tangan Tidak Dipercaya/Tidak Valid" karena mereka tidak mempercayai Root CA TrustLab.
**Gunakan ini hanya untuk komunikasi internal perusahaan.**
</Callout>
## Panduan Pengaturan
## Konfigurasi Microsoft Outlook
<Tabs items={['Outlook Klasik (Desktop)', 'Outlook Baru (Web Style)']}>
<Tabs.Tab>
**Versi yang Didukung:** Outlook 365, 2019, 2016.
<Steps>
### 1. Buka Trust Center
Buka **File > Options > Trust Center > Trust Center Settings**.
### 2. Email Security
Pilih **Email Security** dari sidebar kiri.
### 3. Impor Sertifikat
Di bawah *Encrypted Email*, klik **Settings...**
* **Signing Certificate**: Klik 'Choose' dan pilih sertifikat TrustLab Anda.
* **Encryption Certificate**: Sama seperti di atas.
### 4. Simpan
Klik **OK** untuk menerapkan.
</Steps>
</Tabs.Tab>
<Tabs.Tab>
**Versi yang Didukung:** Outlook baru untuk Windows, OWA.
*Catatan: Memerlukan ekstensi S/MIME Control.*
<Steps>
### 1. Buka Pengaturan
Klik **Ikon Roda Gigi** (Settings) di pojok kanan atas.
### 2. Menu S/MIME
Navigasi ke **Mail > S/MIME**.
### 3. Aktifkan
Aktifkan **"Encrypt with S/MIME"** dan pilih sertifikat Anda.
</Steps>
</Tabs.Tab>
</Tabs>
## Konfigurasi Thunderbird
**Persyaratan Versi:** v115+ (Supernova) atau yang lebih baru.
<Steps>
### 1. Pengaturan Akun
Klik tombol **Menu (≡)** dan pilih **Account Settings**.
### 2. Enkripsi End-to-End
Pilih akun email Anda dari sidebar dan klik **End-to-End Encryption**.
### 3. Impor Sertifikat
Di bagian **S/MIME**, klik **Add** (atau Manager) untuk mengimpor file `.p12` Anda.
### 4. Terapkan Sertifikat
Di bawah *Select Certificate*, pilih file yang diimpor untuk keduanya:
* **Digital Signing**
* **Encryption**
</Steps>
## Cara Mengetes
Kirim email ke rekan kerja yang juga telah menginstal Root CA. Mereka seharusnya melihat ikon **Pita/Badge** terverifikasi yang menunjukkan bahwa email tersebut dipercaya dan tidak dimodifikasi.

78
pages/guide/integrations/smime.mdx Normal file
View File

@@ -0,0 +1,78 @@
import { Steps, Callout, Tabs } from 'nextra/components'
import { Mail, BadgeAlert, ShieldCheck } from 'lucide-react'
# S/MIME Email Security
Secure/Multipurpose Internet Mail Extensions (S/MIME) allows you to **sign** (prove identity) and **encrypt** (protect content) email messages.
<Callout type="warning" emoji={<BadgeAlert className="w-5 h-5" />}>
**Internal Use Only:**
TrustLab certificates are private. If you send signed emails to **External Recipients** (e.g., Gmail, Yahoo), they will see an "Untrusted/Invalid Signature" warning because they do not trust the TrustLab Root CA.
**Use this for internal corporate communication only.**
</Callout>
## Setup Guide
## Configure Microsoft Outlook
<Tabs items={['Classic Outlook (Desktop)', 'New Outlook (Web Style)']}>
<Tabs.Tab>
**Supported Versions:** Outlook 365, 2019, 2016.
<Steps>
### 1. Open Trust Center
Go to **File > Options > Trust Center > Trust Center Settings**.
### 2. Email Security
Select **Email Security** from the left sidebar.
### 3. Import Certificate
Under *Encrypted Email*, click **Settings...**
* **Signing Certificate**: Click 'Choose' and select your TrustLab cert.
* **Encryption Certificate**: Same as above.
### 4. Save
Click **OK** to apply.
</Steps>
</Tabs.Tab>
<Tabs.Tab>
**Supported Versions:** New Outlook for Windows, OWA.
*Note: Requires S/MIME Control extension.*
<Steps>
### 1. Open Settings
Click the **Gear Icon** (Settings) in the top right.
### 2. S/MIME Menu
Navigate to **Mail > S/MIME**.
### 3. Enable
Enable **"Encrypt with S/MIME"** and select your certificate.
</Steps>
</Tabs.Tab>
</Tabs>
## Configure Thunderbird
**Version Requirement:** v115+ (Supernova) or newer.
<Steps>
### 1. Account Settings
Click the **Menu (≡)** button and select **Account Settings**.
### 2. End-to-End Encryption
Select your email account from the sidebar and click **End-to-End Encryption**.
### 3. Import Certificate
In the **S/MIME** section, click **Add** (or Manager) to import your `.p12` file.
### 4. Apply Certificate
Under *Select Certificate*, choose the imported file for both:
* **Digital Signing**
* **Encryption**
</Steps>
## How to Test
Send an email to a colleague who also has the Root CA installed. They should see a verified **Ribbon/Badge** icon indicating the email is trusted and unmodified.

78
pages/guide/integrations/web-servers.id.mdx Normal file
View File

@@ -0,0 +1,78 @@
import { Tabs, Callout } from 'nextra/components'
import { Server, Globe, Shield } from 'lucide-react'
# Konfigurasi Web Server
Untuk mengaktifkan HTTPS pada layanan internal Anda, Anda perlu mengonfigurasi web server agar menggunakan sertifikat yang diterbitkan oleh TrustLab.
<Callout type="info" emoji={<Shield className="w-5 h-5" />}>
**Prasyarat:** Pastikan Anda telah mengunduh **PEM Bundle** (untuk Linux) atau **PFX** (untuk Windows) seperti yang dijelaskan dalam [Panduan Unduh](/id/guide/certificates/download-install).
</Callout>
## Contoh Konfigurasi
Pilih lingkungan web server Anda di bawah ini:
<Tabs items={['Nginx', 'Apache (httpd)', 'IIS (Windows)']}>
<Tabs.Tab>
### Pengaturan Nginx
File Target: `/etc/nginx/sites-available/default` atau `internal.app.conf`
```nginx
server {
listen 80;
server_name internal.app;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name internal.app;
# SSL Configuration
ssl_certificate /etc/ssl/trustlab/internal.app.crt;
ssl_certificate_key /etc/ssl/trustlab/internal.app.key;
# Recommended Security
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
}
```
</Tabs.Tab>
<Tabs.Tab>
### Pengaturan Apache / HTTPD
File Target: `/etc/httpd/conf.d/ssl.conf` atau file VHost.
```apache
<VirtualHost *:443>
ServerName internal.app
DocumentRoot /var/www/html/internal
SSLEngine on
SSLCertificateFile "/path/to/internal.app.crt"
SSLCertificateKeyFile "/path/to/internal.app.key"
# Best Practice
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
</VirtualHost>
```
5. Pergi ke **Sites**, pilih situs Anda, dan klik **Bindings...**.
6. Tambahkan binding `https` dan pilih sertifikat TrustLab yang baru diimpor.
</Tabs.Tab>
</Tabs>
---
## Verifikasi Konfigurasi
Gunakan perintah `curl` dari terminal untuk memastikan sertifikat terdeteksi dengan benar:
```bash
curl -vI https://internal.yourcompany.local
```
Perhatikan baris `server certificate verification OK`. Jika muncul error, pastikan Anda telah menginstal Root CA di perangkat yang menjalankan perintah tersebut.
> [!NOTE]
> Sangat disarankan untuk selalu menggunakan file **BUNDLE/COMBINED** (Sertifikat + Intermediate) untuk menghindari masalah rantai sertifikat (Chain Error) di beberapa browser mobile.

76
pages/guide/integrations/web-servers.mdx Normal file
View File

@@ -0,0 +1,76 @@
import { Tabs, Callout } from 'nextra/components'
import { Server, Globe, Shield } from 'lucide-react'
# Web Server Configuration
To enable HTTPS on your internal services, you need to configure your web server to use the certificates issued by TrustLab.
<Callout type="info" emoji={<Shield className="w-5 h-5" />}>
**Prerequisite:** Ensure you have downloaded the **PEM Bundle** (for Linux) or **PFX** (for Windows) as described in the [Download Guide](/guide/certificates/download-install).
</Callout>
## Configuration Examples
Select your web server environment below:
<Tabs items={['Nginx', 'Apache (httpd)', 'IIS (Windows)']}>
<Tabs.Tab>
### Nginx Setup
Target File: `/etc/nginx/sites-available/default` or `internal.app.conf`
```nginx
server {
listen 80;
server_name internal.app;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name internal.app;
# SSL Configuration
ssl_certificate /etc/ssl/trustlab/internal.app.crt;
ssl_certificate_key /etc/ssl/trustlab/internal.app.key;
# Recommended Security
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
}
```
</Tabs.Tab>
<Tabs.Tab>
### Apache / HTTPD Setup
Target File: `/etc/httpd/conf.d/ssl.conf` or VHost file.
```apache
<VirtualHost *:443>
ServerName internal.app
DocumentRoot /var/www/html/internal
SSLEngine on
SSLCertificateFile "/path/to/internal.app.crt"
SSLCertificateKeyFile "/path/to/internal.app.key"
# Best Practice
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
</VirtualHost>
```
</Tabs.Tab>
<Tabs.Tab>
### IIS (Internet Information Services)
Requires the **.pfx** file format.
1. **Import Certificate**:
* Open **IIS Manager** > Click Server Node > **Server Certificates**.
* Click **Import...** (Actions pane).
* Select your `.pfx` file and enter the password.
2. **Bind to Site**:
* Go to **Sites** > Select your site (e.g., Default Web Site).
* Click **Bindings...** > **Add...**
* Type: `https` | Port: `443`.
* **SSL Certificate**: Select the certificate you just imported.
</Tabs.Tab>
</Tabs>