Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure communications


Create a CA client in SSL


Overview

A plug point is provided to allow users to connect to a certificate authority (CA) to request, query, and revoke certificates.

A security configuration object, called a CAClient, must be created for WebSphere to communicate with the CA.

The CAClient object must contain a WSPKIClient() implementation, and it will handle the connection and communicate with the CA server. Users can also create there own implementation.

The WSPKIClient interface must be implemented and the class name provided as part of the CAClient when it is created.


Create a new CA client

  1. Click...

      Security | SSL certificate and key management | Certificate Authority (CA) client configurations | New

    We can also create a CA client by using...

      AdminTask createCAClient

  2. Fill in the following information for the CA client

    • Name of the CA client.
    • management scope
    • WSPKIClient implementation class.
    • CA server host name.

    • User name.
    • Password.
    • Confirm of password.
    • Number of times to poll.
    • Polling interval (in minutes) when requesting certificates.
    • Custom properties.

  3. Click Apply then OK.

The information in the object can be used by the runtime to connect to a CA to create, revoke, or replace a certificate. Develop the WSPKIClient interface for communicating with a certificate authority
Secure communications
CAClientCommands command group

+

Search Tips   |   Advanced Search