Preparation for SSL configuration

Before configuring SSL for secure communication, install and configure ISIM Server. Then, locate IBM Global Security Kit (GSKit) to generate certificates.

Complete these tasks.

1. Install ISIM Server and required supported middleware, including the directory server. This example assumes that a cluster configuration exists and that the directory server is on a separate computer.
2. Ensure that the initial configuration is running correctly. See IBM Security Identity Manager Configuration Guide.
3. Locate the IBM Global Security Kit (GSKit), which is included in the IBM Security Directory Server that the initial configuration installs. For example, locate the /path/local/ibm/gsk7/bin directory on the computer that has the Security Directory Server, where path is a value such as usr.

   The GSKit package provides the iKeyman key management utility, gsk7ikm. Use the utility to create key databases, public-private key pairs, and certificate requests. The following steps assume that we use the iKeyman utility to create self-signed certificates for secure communication. Alternatively, we can use the WebSphere Application Server administrative console to create a self-signed certificate.

   A self-signed digital certificate is a temporary digital certificate that you issue to ourself with ourself as the certificate authority (CA). When you complete testing, replace the self-signed certificate with a certificate signed by a CA certificate from a well-known certificate authority.

Parent topic: Secure communication with supported middleware