Installing Upgrading Designing Configuring Deploying Monitoring Administering Troubleshooting Reference JBI Components
Close Print View
Configuring: Windows OpenSSL.cnf File Example
 

Classic Java CAPS

Configuring JMS Clients

Configuring Java CAPS for SSL Support

SSL Overview

Public Keys, Private Keys, and Certificates

Keytool Program

OpenSSL Project

SSL and Adapters

KeyStores and TrustStores

Generating a KeyStore and TrustStore

Configuring a Sun JMS IQ Manager to Use SSL

Configuring the Message Server URL

External JMS Clients

Changing the Self-Signed Server Certificate

Configuring the Repository to Use SSL

Generating a Key Pair and a Self-Signed Certificate

Obtaining a Digitally Signed Certificate from a Certificate Authority

Importing the Certificate

Configuring the server.xml File

Testing the New SSL Connection

Configuring Enterprise Manager to Use SSL

Creating the Keystore and Trust Store

Importing the Domain Certificate

Enabling Security on the Application Server

Logging In to Enterprise Manager

Using SSL With the WebSphere MQ Adapter

Creating a Certification Authority

Using the OpenSSL Utility for the LDAP and HTTPS Adapters

Creating a Sample CA Certificate

Signing Certificates With Your Own CA

Windows OpenSSL.cnf File Example

Configuring Java CAPS Business Processes

Configuring Environment Components for the Sun Business Process Manager

Configuring Sun Master Indexes (Repository)

Configuring Java CAPS Project Components for Application Adapters

Configuring Java CAPS Project Components for Communication Adapters

Configuring Java CAPS Project Components for Database Adapters

Configuring Java CAPS Project Components for Web Server Adapters

Configuring Java CAPS Environment Components for Application Adapters

Configuring Java CAPS Environment Components for Communications Adapters

Configuring Java CAPS Environment Components for Database Adapters

Configuring Java CAPS Environment Components for Web Server Adapters

Configuring JDBC/ODBC Drivers

Configuring SAP R/3 for the SAP BAPI Adapter

Configuring Secure Network Communications for SAP

Configuring Siebel EAI Workflows

Importing an SNA Custom Handshake Class

Configuring WebLogic for Asynchronous Communication

Configuring Master Index (Repository) Connectivity and Environments

Related Topics for Sun Adapter for Batch/FTP

Java EE Based Components

Broadcasting Master Index Updates to External Systems

Configuring Sun Master Indexes

Windows OpenSSL.cnf File Example

This section contains the contents of the openssl.cnf file that can be used on Windows. Be sure to make the appropriate changes to the directories.

#
# SSLeay example properties file.
# This is mostly being used for generation of certificate requests.
#

RANDFILE        = .rnd

####################################################################
[ ca ]
default_ca    = CA_default        # The default ca section

####################################################################
[ CA_default ]

dir        = G:\\openssl\\\bin\\demoCA    # Where everything is kept
certs        = $dir\\certs                # Where the issued certs are kept
crl_dir    = $dir\\crl                # Where the issued crl are kept
database    = $dir\\index.txt            # database index file.
new_certs_dir    = $dir\\newcerts            # default place for new certs.

certificate    = $dir\\cacert.pem                # The CA certificate
serial        = $dir\\serial                # The current serial number
crl        = $dir\\crl.pem                # The current CRL
private_key    = $dir\\private\\cakey.pem       # The private key
RANDFILE    = $dir\\private\\private.rnd     # private random number file

x509_extensions    = x509v3_extensions    # The extentions to add to the cert
default_days        = 365            # how long to certify for
default_crl_days    = 30            # how long before next CRL
default_md        = md5            # which md to use.
preserve        = no            # keep passed DN ordering

# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy        = policy_match

# For the CA policy
[ policy_match ]
countryName            = match
stateOrProvinceName        = match
organizationName        = match
organizationalUnitName    = optional
commonName            = supplied
emailAddress            = optional

# For the ’anything’ policy
# At this point in time, you must list all acceptable ’object’
# types.
[ policy_anything ]
countryName        = optional
stateOrProvinceName    = optional
localityName        = optional
organizationName    = optional
organizationalUnitName    = optional
commonName            = supplied
emailAddress            = optional

####################################################################
[ req ]
default_bits        = 1024
default_keyfile     = privkey.pem
distinguished_name    = req_distinguished_name
attributes        = req_attributes

[ req_distinguished_name ]
countryName            = Country Name (2 letter code)
countryName_min        = 2
countryName_max        = 2

stateOrProvinceName        = State or Province Name (full name)

localityName            = Locality Name (eg, city)

0.organizationName        = Organization Name (eg, company)

organizationalUnitName    = Organizational Unit Name (eg, section)

commonName            = Common Name (eg, your website’s domain name)
commonName_max        = 64

emailAddress            = Email Address
emailAddress_max        = 40

[ req_attributes ]
challengePassword        = A challenge password
challengePassword_min    = 4
challengePassword_max    = 20

[ x509v3_extensions ]

Note - The following copyright notices apply: Copyright © 2004-2008 The OpenSSL Project. All rights reserved.Copyright © 2005-2008 World Wide Web Consortium, (Massachusetts Institute of Technology, Institut National de Recherche en Informatique et en Automatique, Keio University). All Rights Reserved. http://www.w3.org/Consortium/Legal/