Manage TLS certificates 41

/usr/java/jdk1.5.0_03/bin/keytool -storepasswd -new <new_password> -storepass <od_password> -keystore /opt/SQMobilityGW

where

<old_password> is the existing keystore password. <new_password> is your chosen password.

4Change the working directory:

cd /opt/SQmobilityGW/tomcat/conf/

5Open the server.xml file using an available editor (for example, vi).

6Locate the following default line:

clientAuth="false" sslProtocol="TLS" key storeFile="/opt/SQMobilityGW/.keystore" keypass="firsthand"

7Change keypass="firsthand" to keypass="<new_passwo rd>" .

where

<new_password> is the password entered in the keytool command.

8Save and close the server.xml file.

9Restart the service:

sudo /sbin/service mobilitygw restart

--End--

CA root certificate distribution

You must ensure the CA root certificate is installed (in DER format) on all mobile client devices that register with the MCG 3100 Server. Depending on which CA you choose, the root certificates are preinstalled or you distribute the root certificates to the clients for manual installation.

Various methods of root certificate distribution are available. Typically, the administrator e-mails the root certificate to the mobile client users who need it (Windows Mobile Single Mode and Nokia clients). The users must install the certificate on their devices.

After the user installs the root certificate, the mobile client communicates with the MCG 3100 using TLS security.

Nortel Mobile Communication 3100 Series Portfolio

Nortel Mobile Communication Gateway 3100 Installation and Upgrades

NN42030-300 02.03 Standard

9 May 2008

Copyright © 2007, 2008 Nortel Networks

Page 41
Image 41
Nortel Networks NN42030-300 manual CA root certificate distribution, Cd /opt/SQmobilityGW/tomcat/conf