Sun Microsystems 5.1.1 manual Chapter Section Operating SSL Using the OpenSSL Utility

Page 39

Chapter 4

Section 4.4

Operating SSL

Using the OpenSSL Utility

#This is mostly being used for generation of certificate requests.

RANDFILE = .rnd

####################################################################

[ ca ]

default_ca= CA_default# The default ca section

####################################################################

[ CA_default ]

dir

= G:\\openssl\\\bin\\demoCA# Where everything is kept

certs

= $dir\\certs

# Where the issued certs are kept

crl_dir= $dir\\crl

# Where the issued crl are kept

database= $dir\\index.txt# database index file.

new_certs_dir= $dir\\newcerts# default place for new certs.

certificate= $dir\\cacert.pem

# The CA certificate

serial

= $dir\\serial

# The current serial number

crl

= $dir\\crl.pem

# The current CRL

private_key= $dir\\private\\cakey.pem

# The private

key

 

 

RANDFILE= $dir\\private\\private.rnd # private random

number

file

x509_extensions= x509v3_extensions# The

extentions to

add

to

the cert

default_days= 365

# how long to

certify for

default_crl_days= 30# how long before

next CRL

default_md= md5

#

which md to

use.

preserve = no

#

keep passed

DN

ordering

#A few difference way of specifying how similar the request should l ook

#For type CA, the listed attributes must be the same, and the option

al

#and supplied fields are just that :-)

policy = policy_match

#For the CA policy [ policy_match ] countryName = match stateOrProvinceName= match organizationName= match organizationalUnitName= optional commonName = supplied emailAddress = optional

#For the 'anything' policy

#At this point in time, you must list all acceptable 'object'

#types.

[ policy_anything ] countryName= optional stateOrProvinceName= optional localityName= optional organizationName= optional organizationalUnitName= optional commonName = supplied emailAddress = optional

####################################################################

[ req ]

default_bits= 1024

default_keyfile = privkey.pem distinguished_name= req_distinguished_name attributes= req_attributes

HTTPS eWay Adapter User’s Guide

39

Sun Microsystems, Inc.

Page 38 Page 40
Image 39
Page 38 Page 40
Contents EWAY Https Adapter USER’S Guide Version Contents Http Settings Proxy Configuration Security Authentication Http OTD Method DescriptionsAdditional SSL Section Notes Verify hostname Server Mode Operation Connection Pool SettingsImplementing the Https eWay JCD Sample Projects Running the Sample Running the Sample in SSL ModeWhat’s in This Chapter About Http and HttpsAbout the Https eWay Http MessagesWeb Browser Cookies Sample Http Exchange in Client Mode GET and Post MethodsCookie Expiration Date Checking Body Html Sample Http Exchange in Server ModeSample Input Form What’s New in This ReleaseAbout This Document Https eWay Javadoc ScopeIntended Audience Text ConventionsRelated Documents Sun Microsystems, Inc. Web SiteDocumentation Feedback Https eWay System Requirements Installing the Https eWayAfter you have installed eGate or eInsight, do the following Installing the Https eWay on an eGate supported systemSteps to extract the Sample Projects include After InstallationExtracting the Sample Projects and Javadocs Steps to extract the Javadoc includeImport the Project Ican 5.0 Project Migration ProceduresInstall Java Caps Export the ProjectInstalling Enterprise Manager eWay Plug-Ins Https eWay Alert Codes Viewing Alert CodesTo add plug-ins from the Enterprise Manager To View the eWay Alert CodesHTTPCLIENTEWAY-CONNECT Https Client OTD Overview of eWay OTDsHttp OTD Method Descriptions Https Server OTDInput Server Request Node Working with the Server OTD Input Server Response NodeSendResponse Example Collaboration ExampleOverview Operating SSLHttps eWay HackerCreating a KeyStore in JKS Format KeyStores and TrustStoresGenerating a KeyStore and TrustStore KeyStoresTo generate a KeyStore Creating a KeyStore in PKCS12 Format To create a new TrustStore Using an Existing TrustStoreTrustStores Creating a TrustStoreSSL Handshaking Client ServerEWay Server Web Client EWayCreating a Sample CA Certificate Using the OpenSSL UtilitySigning Certificates With Your Own CA # SSLeay example properties file Windows OpenSSL.cnf File ExampleChapter Section Operating SSL Using the OpenSSL Utility Copyright 1998-2001 The OpenSSL Project. All rights reserved Configuring the eWay Connectivity Map Properties Creating and Configuring the Https eWayTo configure the Https Server eWay properties To configure the Https eWay propertiesConnectivity Map with Components Server Configuring the eWay Environment PropertiesEWay Connectivity Map Properties To Configure the Environment PropertiesHttp eWay-HTTP Settings Configuring the Connectivity Map Https eWay PropertiesHttps eWay Configuration Sections Include Https Server eWay Configuration Sections IncludeEWay Environment Properties Http Server eWay-HTTP Server External ConfigurationEnvironment Configuration-HTTP Settings Http SettingsEnvironment Configuration-Proxy Configuration Proxy ConfigurationProxy Username Proxy passwordSecurity Name Description Required Value Proxy PortAuthentication Environment Configuration-Security, AuthenticationEnvironment Configuration-Security, SSL Com.ibm.jsse.IBMJSSEProvid Name Description Required Value Jsse Provider ClassCom.sun.net.ssl.internal.ssl.P RoviderRequired Values Additional SSL Section NotesVerify hostname DescriptionConnection Pool Settings Environment Configuration-Connection Pool SettingsAdditional information Setting Acceptor Threads Property for Https Server Mode EInsight Engine and Components Implementing the Https eWay Bpel Sample ProjectsNode Name Description Server Mode OperationHttps eWay With eInsight Receive Business Rule Designer Output NodesReceive Business Rule Designer Output Nodes Importing a Sample Project About the Https eWay eInsight Sample ProjectsProject Overview Building and Deploying the prjHTTPClientBPEL Sample ProjectGET Command GetSample.xml Project OperationsInput and Output Data Sample DTD MultipleDataIn.dtd Post Command PostSample.xmlCreating a Project Creating the OTDOTD Wizard Selection Include DTDs to Selected List OTD Options Creating a Business ProcessLogic of the Business Process Business Process Cases To create a Business ProcessCase Activity Result Business Process Icons Client Business Process With Link Business Rules Client Business Rule Designer First Link Business Rule Business Rule Designer Second Link Business Rule Business Rule Designer Third Link Business Rule Business Rule Designer Case 1 Business Rule Business Rule Designer Case 2 Business Rule Decision Gate Properties Dialog Box Case To create a Connectivity Map Creating a Connectivity MapTo select external applications Selecting External ApplicationsPopulating the Connectivity Map Defining the Business ProcessSteps required to bind eWay components together Binding the eWay ComponentsEnvironment Editor envHTTPClientBPEL Creating an EnvironmentCmHTTPClient Outbound File eWay Settings Configuring the eWaysConfiguring the Https eWay Properties CmHTTPClient Inbound File eWay SettingsCreating and Activating the Deployment Profile Configuring the Integration ServerCreate and Start the Domain Creating and Starting the DomainBuilding and Deploying the Project Running the SampleBuild the Project Building and Deploying the prjHTTPServerBPEL Sample Project ƒ postBPELHTTPS Content of postBPELHTTPS.html isServer Sample Project Original Form Project FormsServer Sample Project Input Form Next step is to create the Project’s Business Process Business Process Icons for Receive and Reply Business Process Icons With Server Business Rules Business Rule Designer Server Receive Business Rule Creating a Connectivity Map Connectivity Map With Components prjHTTPServerBPEL Creating an Environment ƒ postBPELHTTPS.html input file Running the Sample in SSL ModePermission java.util.PropertyPermission * read, write About the Https eWay JCD Sample Projects Implementing the Https eWay JCD Sample ProjectsBuilding and Deploying the prjHTTPClientJCD Sample Project Https eWay Sample Project Java Collaboration Based SampleIn DTD SampleIn.dtd Creating the Collaboration Definition Java JcdHTTPClient Collaboration Definition Part 101 Connectivity Map With Components prjHTTPClientJCD 103 ƒ Project Overview on Building and Deploying the prjHTTPServerJCD Sample Projectƒ postJCEHTTPS 106 107 JcdHTTPServer Collaboration Definition Connectivity Map With Components prjHTTPServerJCD 110 ƒ postJCEHTTPS.html input file 112 Index 114
Top Page Image Contents