Establishing Trust Between Cacao Servers

The following instructions detail how to share a common certificate between two cacao servers.

Installing the Cacao Server and Derby

1. Navigate to the /opt/SUNWportal/bin directory on the second Portal system.

2. Copy the example2.xml file from /opt/SUNWportal/samples/psconfig to the current file (/opt/SUNWportal/bin).

3. Replace the tokens in the file and run the psconfig command.

   ./psconfig config example2.xml

   The cacao server and Derby on the system are installed.

4. When cacao and Derby are installed, go to the /opt/SUNWcacao/bin directory.

5. Get the list of certificates available in the default instance of cacao server.

   ./cacaoadm list-trusted-certs -i default

6. Extract the certificate from the default system.

   ./cacaoadm show-trusted-cert -i default cacao_ca

7. Cut and paste this certificate into a file and name it ps2.cert.

8. Follow the same procedure for the first portal system and save the file as ps1.cert.

Installing Cacao Certificates into Other Instances

1. Follow the same procedure for the first portal system and save the file as ps1.cert.

2. Navigate to the /opt/SUNWcacao/bin directory and execute the command.

   ./cacaoadm add-trusted-cert -f ps1.cert ps1

3. Add the certificate to the instance. Perform this step on both the portal servers.

4. Restart the cacao servers.

   ./cacaoadm stop

   ./cacaoadm start