In this procedure, the certificate truststore is created in the Delegated Administrator configuration directory. For example: /var/opt/SUNWcomm/config
Request and install a certificate.
In a production environment, you must request a certificate from a Certificate Authority (CA), which issues the certificate to you. Next, you install the certificate.
In a test environment, you can create and install a self-signed certificate.
For information about requesting and installing certificates for Web Server 6, see “Using Certificates and Keys” in the Sun Java System Web Server 6.1 SP6 Administrator’s Guide.
After you complete this step, you can run the Delegated Administrator utility in SSL mode.
Export the specific certificate in ASCII encoding.
For example:
/opt/SUNWwbsvr/bin/https/admin/bin/certutil -L -n Server-Cert -d \ -P https-host.domain-host- /opt/SUNWwbsvr/alias -a > /tmp/host.cert |
where
Server-Cert is the default name created by the Administration interface
host is the host name of the machine where Web Server 6 is running. For example: myhost.
host.domain is the host and domain name of the machine where Web Server 6 is running. For example: myhost.siroe.com.
Use the java keytool utility to import the certificate into a truststore.
This step assumes that you are creating a new truststore in the Delegated Administrator configuration directory.
Define the ssl.truststore property in the JVM Setting for the Web Server 6 instance configuration.
For example:
-Djavax.net.ssl.trustStore=/var/opt/SUNWcomm/config/truststore Djavax.net.ssl.trustStorePassword=password |
where password is the password you entered at the keytool prompt.
Modify the following property in the JVM Setting for the Web Server 6 instance configuration.
Change
-Djava.protocol.handler.pkgs=com.iplanet.services.comm |
to the following value:
-Djava.protocol.handler.pkgs=com.sun.identity.protocol |
Change the following properties in the daconfig.properties file:
Open the daconfig.properties file in a text editor.
The daconfig.properties file is located by default in the Delegated Administrator configuration directory:
da-base/data/da/WEB-INF/classes/com/sun/comm/da/resources |
(In a later step, you will deploy the daconfig.properties file to the Web Server 6 configuration directory.)
Change the property values as follows:
commadminserver.host=host.domain commadminserver.port=port commadminserver.usessl=true |
where host.domain is the host and domain name of the machine where Web Server 6 is running. For example: myhost.siroe.com.
And where port is the SSL port. For example: 443.
Deploy the Web Server 6 configuration and restart the instance: