Using the ssoadm and ampassword Utilities with the IBM JDK
After deploying OpenSSO on WebSphere Application Server 7.0, you can use the setup script in ssoAdminTools.zip to install the utilities and scripts. For information, see Chapter 3, Installing the OpenSSO Enterprise 8.0 Update 1 Admin Tools.
-
Before you run the setup script to install the utilities and scripts, modify the setup script. Before -cp... in the last line, insert:
-D"amCryptoDescriptor.provider=IBMJCE" -D"amKeyGenDescriptor.provider=IBMJCE"
-
Before you run ssoadm, add the following items to the ssoadm script:
-
Add xalan.jar to the classpath after openfedlib.jar. For example:
$<TOOLS_HOME>/lib/xalan.jar
-
Add the following items before com.sun.identity.cli.CommandManager and com.sun.identity.tools.bundles.Main
-D"amKeyGenDescriptor.provider=IBMJCE" -D"amCryptoDescriptor.provider=IBMJCE"
-
-
Before you run ampassword, add the following items to the ampassword script before com.iplanet.services.ldap.ServerConfigMgr and com.sun.identity.tools.bundles.Main
-D"amCryptoDescriptor.provider=IBMJCE" -D"amKeyGenDescriptor.provider=IBMJCE"
-
If the OpenSSO server is SSL-enabled, then you must add the IBM JAR files and set -D options in the ssoadm script.
-
Add the following IBM JAR files:
WAS_HOME/deploytool/itp/plugins/com.ibm.ast.ws.v7.jaxrpc.jee5_1.0.0.v200808141532/lib/emfwor / kbench.jar <WAS_HOME>/deploytool/itp/plugins/com.ibm.websphere.v7_7.0.0.v20080817/wasJars/bootstrap.jar <WAS_HOME>/deploytool/itp/plugins/com.ibm.websphere.v7_7.0.0.v20080817/wasJars/wsexception.jar <WAS_HOME>/dev/was_public.jar <WAS_HOME>/deploytool/itp/plugins/com.ibm.websphere.v7_7.0.0.v20080817/wasJars/ras.jar <WAS_HOME>/runtimes/com.ibm.jaxws.thinclient_7.0.0.jar
-
Set the following -D options :
-D"java.protocol.handler.pkgs=com.ibm.net.ssl.www.protocol" -D"javax.net.ssl.trustStoreType=<storeType>" -D"javax.net.ssl.trustStore=<trustStore_with_path>" -D"javax.net.ssl.trustStorePassword=<password>"
-
- © 2010, Oracle Corporation and/or its affiliates