Sun Microsystems 820433510

Users ............................................................................................................................................ 105

Groups......................................................................................................................................... 105

Roles ............................................................................................................................................ 106

Realms ......................................................................................................................................... 106

Introductionto Certicates and SSL ...............................................................................................108

AboutDigital Certicates ......................................................................................................... 108

AboutSecure Sockets Layer ......................................................................................................109

AboutFirewalls .................................................................................................................................. 111

AboutCerticate Files ....................................................................................................................... 111

Changingthe Location of Certicate Files .............................................................................. 112

UsingJava Secure Socket Extension (JSSE) Tools .........................................................................112

Usingthe keytool Utility ........................................................................................................... 112

Generatinga Certicate Using the keytool Utility ...............................................................114

Signinga Digital Certicate Using the keytool Utility ......................................................... 115

Deletinga Certicate Using the keytool Utility ....................................................................115

UsingNetwork Security Services (NSS) Tools ............................................................................... 116

Usingthe certutil Utility ....................................................................................................... 117

Importingand Exporting Certicates Using the pk12util Utility ...................................... 118

Addingand Deleting PKCS11 Modules using modutil ........................................................ 119

UsingHardware Crypto Accelerator With Enterprise Server ..................................................... 120

AboutConguring Hardware Crypto Accelerators ..............................................................120

ConguringPKCS#11 Tokens .................................................................................................121

ManagingKeys And Certicates .............................................................................................. 122

ConguringJ2SE 5.0 PKCS#11 Providers .............................................................................. 124

10 ConguringMessage Security ........................................................................................................127

Overviewof Message Security .......................................................................................................... 127

UnderstandingMessage Security in the Enterprise Server .......................................................... 128

AssigningMessage Security Responsibilities .......................................................................... 128

AboutSecurity Tokens and Security Mechanisms ................................................................. 129

Glossaryof Message Security Terminology ............................................................................131

Securinga Web Service .....................................................................................................................132

ConguringApplication-Specic Web Services Security ..................................................... 133

Securingthe Sample Application ..................................................................................................... 133

Conguringthe Enterprise Server for Message Security ..............................................................133

Contents