4�� ܺ� LDAP Directory Server�� ϵ�� Portal Server ��d

4��
�� ܺ� LDAP Directory Server�� ϵ�� Portal Server ��d

�⺻ ��ġ�� Sun Java�� System Portal Server, Sun Java™ System Access Manager �� Sun Java™ System Directory Server ��Ʈ�� : ȣ��Ʈ�� մϴ�. ��, �� ǥ�� '�� ܺ� ȣ��Ʈ�� Directory Server�� ϰ� Portal Server�� SSL (Secure Sockets Layer); ��Ͽ� �� 丮�� ׼��ؾ� �ϴ� �� ̿� �� ֽ4ϴ�.



��	�� ; �� Directory Server�� ׼��Ϸx� Sun Java™ System Web Server �Ǵ� Sun Java™ System Application Server�� 丮�� ; �ŷ��ϵ�� ؾ� �մϴ�.

�ܺ� LDAP ��丮�� ϵ�� Portal Server�� d�Ϸx� ��= �� մϴ�.

Portal Server ��ġ

SSL�� ϵ�� Directory Server ��

�� ͺ��̽� ��

��Ʈ �� (CA) �� ġ

Directory Server�� SSL ��

SSL�� ǵ�� Directory Server�� Ϸx�

Directory Server (ns-slapd �wμ��)�� (ns-httpd �wμ��) �� ۵Ǿ� ��ǰ� �ִ�� Ȯ��մϴ�.

��Ʈ�� ܸ�� â�� =; �Է��Ͽ� ��丮 �� ܼ�; ��մϴ�.

/var/opt/mps/serverroot/startconsole

ǥ�õǴ� �α�� â�� ̸�8�� admin�� Directory Server�� ȣ��й�ȣ�� Է��մϴ�.

�ܼ� �� â�� ׷� �Ʒ�� Directory Server �ν��Ͻ�� 丮�� Ȯ��մϴ�.

Directory Server �ν��Ͻ�� ϰ� [��]�� ϴ�.

[�۾�], [�� ]�� ʷ� ��մϴ�.

�� ۾�; ó= �� й�ȣ�� Է��Ͽ� �� ͺ��̽�� 鵵�� 䱸�մϴ�. ��߿� Directory Server�� ʿ�� 8�Ƿ� �� й�ȣ�� νʽÿ�.

[��û]; ��ϴ�.

�� û ��簡 ��Ÿ��ϴ�. ��縦 �� û; ��ϱ� '�� ܰ踦 �Ϸ��մϴ�. �� û: ��; '�� CMS (Certificate Management Server)�� ϴ�. CMS�� f �� ȯ�մϴ�. ��û ��͸� ��Ͽ� ��Ͽ� �� û ��纻; ��մϴ�.

�� û�� CMS�� CMS ��ڰ� ��û; ��ϰ� ��ε� �� ǵ�� ݴϴ�.

DS �� CMS �� 4ϴ�.

CMS�� DS�� ߱� �� CMS�� Ʈ CA�� n�ͼ� ��Ѿ� �մϴ�.

[�� ], [�� ]�� ʷ� �� = [��ġ]�� ϴ�.

�� ġ ��簡 ��Ÿ��ϴ�.

�ܰ� 8�� : ��ε� �� ͸� �ؽ�Ʈ ��8�� Ͽ� �ٿ� ��: ��= �� ܰ踦 �� ġ�մϴ�.

�� 8�� ġ�Ǹ� �� [�� ] �ǿ�� ׸�8�� ǥ�õ˴ϴ�.

�� â�� ¿�� [CA ��] ��; ��մϴ�.

�ܰ� 9�� : CA�� CA �� Ͽ� ��8�� Ͽ�� ġ�� ʿ䰡 ��4ϴ�.

�� Ͽ� ��8�� Ʈ CA �� ġ�ؾ� �մϴ�.

[��ġ]�� ϴ�.

CMS �� ͸� �ؽ�Ʈ ��8�� Ͽ� �ٿ� ��: ��= �� ܰ踦 �� ġ�մϴ�.

��f CA �� Ͽ� �� ̸�� Ÿ��ϴ�.

[�ݱ�]�� [�� ] â; �ݽ4ϴ�.

[��] ��; ��մϴ�.

[��ȣȭ] ��; �� [�� SSL ��] �� [��й�ȣ �з� ��: RSA] Ȯ�ζ�; �� = [��]; ��ϴ�.

[��Ʈ��ũ] �� [��ȣȭ ��Ʈ] �ʵ忡�� /ȿ�� Ʈ ��ȣ�� d�ϰų� �̸� Ȯ��ϰ� [��]; ��ϴ�.

�⺻ ��Ʈ�� 636�Դϴ�.

Directory Server�� ٽ� ��ϰ� �ܰ� 6�� Է�� ͺ��̽� ��й�ȣ�� f��մϴ�.

��f ��丮�� SSL ��; '�� Ʈ 636 (�⺻��)�� մϴ�.

�� ͺ��̽�� x�

�� ͺ��̽�� Ű �� Ͽ� �� й�ȣ�� d�մϴ�. ��ȣȭ�� ; ��Ͽ� �� ϴµ�� й�ȣ�� ʿ��մϴ�.

�� ͺ��̽�� Ű �� ̶�� ϴ� �� Ű �� Ű�� մϴ�. Ű �� : SSL ��ȣȭ�� ˴ϴ�. �� û�ϰ� ��ġ�� Ű �� ; ��ϰ� �˴ϴ�. �� ġ �Ŀ� �� ͺ��̽�� ˴ϴ�.

�� ͺ��̽�� '�� ϴ� % ��̳�� ~�� ٸ��ϴ�. ��= ��ħ: Sun Java System Application Server�� ͺ��̽�� 쿡 �� ̸� http://docs.sun.com�� Sun Java System Application Server Administration Guide to Security�� ֽ4ϴ�.

Sun Java System Web Server�� ͺ��̽�� '�� ħ: http://docs.sun.com�� Sun Java system Web Server, Enterprise Edition �� ?�� ֽ4ϴ�.

Sun Java System Application Server�� ͺ��̽�� x� �� ̽�� = �ܰ踦 ��մϴ�.

Application Server �ν��Ͻ�� ۵Ǿ�� Ȯ��մϴ�.

App Server �ν��Ͻ�� ׼��Ͽ� �� ν��Ͻ�� մϴ�.

[��]�� ׼��մϴ�.

[�� ͺ��̽�]�� ϴ�.

[��ͺ��̽� ��] ��ũ�� ϴ�.

�� ͺ��̽� �ʱ�ȭ �� ǥ�õ˴ϴ�.

��ͺ��̽�� й�ȣ�� Է��մϴ�.

��й�ȣ�� ݺ��մϴ�.

[Ȯ��]; ��ϴ�.

�� â�� App Server �ν��Ͻ� �� ν��Ͻ�� ׼�� = [�� ]; ��ϴ�.

�� ; ��Ϸx� �� = �ٽ� ��մϴ�.

password.conf ��; ��Ϸx�

SSL �� SSL/TLS �� Sun Java System Application Server�� й�ȣ�� Է�� ʰ� �ٽ� ��Ϸx� password.conf ��Ͽ� �� ͺ��̽� ��й�ȣ�� ؾ� �մϴ�.



��	�� ϰ� Ű ��ͺ��̽�� ʵ�� ý�� ϰ� ��ȣ�Ǿ�� Ȯ��մϴ�.

password.conf ��Ͽ� �� ڼ�� : Sun Java System Application Server Administrator's Configuration File Reference�� password.conf �� ; ��v�Ͻʽÿ�.

�Ϲ��8��, ��ϱ� �� й�ȣ�� 䱸�ϱ� �� /etc/rc.local �Ǵ� /etc/inittab ��Ϸ� UNIX SSL �� 4ϴ�. �Ϲ� �ؽ�Ʈ ��Ϸ� ��й�ȣ�� ϴ� �� SSL �� ڵ�8�� ̴� �� ʽ4ϴ�. �� password.conf ��: �� ġ�� Ʈ �Ǵ� ��ڰ� ��/�Ͽ� �� /�ڸ�� ׼��Ͽ� �б�� ⸦ �� ־�� մϴ�. UNIX�� SSL �� й�ȣ�� password.conf ��Ͽ� ��ܵθ� ��Ȼ� �ſ� '��մϴ�. �� Ͽ� �׼�� ִ� �� SSL �� й�ȣ�� ׼�� ֽ4ϴ�. SSL �� й�ȣ�� password.conf ��Ͽ� ��ϱ� �� '�迡 �� Ͻʽÿ�.

��Ʈ �� (CA) �� ġ�Ϸx�

��Ʈ CA �� ġ�ϱ� '�� ϴ� % ��̳�� ~�� ٸ��ϴ�.

��= ��ħ: Sun Java System Application Server�� Ʈ CA�� ġ�ϴ� ��; ��ϸ� http://docs.sun.com�� Sun Java System Application Server Administration Guide to Security�� ֽ4ϴ�.

Sun Java System Web Server�� Ʈ CA�� ġ�ϴ� ��: http://docs.sun.com�� Sun Java System Web Server, Enterprise Edition �� ?�� v�Ͻʽÿ�.

�� f�� ҽ�� Ʈ CA �� ҽ�� 4ϴ�.

CA�� ġ�Ϸx� �� ̽�� = �ܰ踦 ��մϴ�.

�� â�� App Server �ν��Ͻ�� ׼��Ͽ� �� ν��Ͻ�� մϴ�.

[��]�� ׼��մϴ�.

[�� ]�� մϴ�.

[��ġ] ��ũ�� ϴ�.

�� ġ�� ǥ�õ˴ϴ�.

Ŭ��̾�Ʈ ��; '�� CA�μ� ��Ϸt� CA �� CA�� մϴ�.

��Ӵٿ� ��Ͽ�� ȣȭ ��; ��մϴ�.

Ű �� Ͽ� �� й�ȣ�� Է��մϴ�.

�� ν��Ͻ�� ϴ� �� ʵ带 ��8�� Ӵϴ�.

�� ˴ϴ�. �� 쿡 �� ν��Ͻ� �� /�� ̸�; �Է��մϴ�.

�� ̿�� ȣȭ �� ˴ϴ�. �� 쿡 �� ȣȭ �� ν��Ͻ�� /�� ̸�; �Է��մϴ�.

�̸�; �Է��ϸ� [�� ] ��Ͽ� ǥ�õǰ� ��Ǿ�� մϴ�. �� , United States Postal Service CA�� CA�� ̸��̸� VeriSign Class 2 Primary CA�� CA �� /��; ��մϴ�.



��	�� ̸�; �Է�� 8�� ⺻ �� ˴ϴ�.

�ϳ�� Ͻʽÿ�.

�޽�� Ͽ� ��=. �� 쿡 �� Ͽ� �� ü �� ̸�; �Է��մϴ�.

�� ؽ�Ʈ (�Ӹ�� ). �� 쿡 �� ؽ�Ʈ�� ٿ� �ֽ4ϴ�. �ؽ�Ʈ�� Ͽ� �ٿ� �ִ� �� ~�� ; ��Ͽ� Begin Certificate �� End Certificate�� ԵǾ� �ִ�� Ȯ��մϴ�.

[Ȯ��]; ��ϴ�.

�� ġ�Ϸx� [�� ߰�]�� մϴ�.

�� â�� App Server �ν��Ͻ� �� ν��Ͻ�� ׼�� = [�� ]; ��ϴ�.

�� ; ��Ϸx� �� = �ٽ� ��մϴ�. �� ͺ��̽�� ˴ϴ�. �� ̸�: cert8.db�Դϴ�.

SSL; ��Ͽ� Directory Server�� Ϸx�

Access Manager�� Directory Server�� SSL; ��Ϸx� ��= �ܰ踦 ��մϴ�.

/etc/opt/SUNWam/config/AMConfig.properties ��; ��մϴ�. �� ܰ�� ̳ʸ�� ٸ�� Sun Java System Web Server�� Sun Java System Application Server ��ο� �� ؾ� �մϴ�.

AMConfig.properties ��Ͽ�� = ��d;


com.iplanet.am.directory.ssl.enabled=false
com.iplanet.am.directory.host=server12.example.com (if it needs to be changed)
com.iplanet.am.directory.port=389

��=8�� ü�մϴ�.


com.iplanet.am.directory.ssl.enabled=true
com.iplanet.am.directory.host=server1.example.com
com.iplanet.am.directory.port=636 (port on which DS uses encryption)

�� 忡�� SSL�� ǵ�� AccessManager-base/SUNWam/config/ums/serverconfig.xml ��Ͽ�� Ʈ�� /�� ; ��մϴ�.

serverconfig.XML ��; ��ϰ� ��= ��;


<Server name="Server1" host="gimli.example.com"
port="389"
type="SIMPLE" />

��=8�� ü�մϴ�.

<Server name="Server1" host="gimli.example.com"

port="636"

type="SSL" />

serverconfig.xml ��; �� % ��̳ʸ� �ٽ� ��մϴ�.

�� =

��۱� 2005 Sun Microsystems, Inc. �� Ǹ�� ۱�� /�Դϴ�.