iPlanet Trustbase Payment Services 2.0 Beta Installation Guide



Introduction


This chapter discusses the documents related to this guide.


Overall Layout



The complete documentation set for iPlanet Trustbase Payment Services comprises:

Installation Guide (this document) that explains how to install iPlanet Trustbase Payment Services and all its associated components.

System Administration Guide that explains how to configure and run iPlanet Trustbase Payment Services. It further illustrates how to make payments.

Developer and Integration Guide that provides a comprehensive example of how to deploy your own CPI application and how to integrate with your existing back end banking system.

The manual covers:


Related Documents

The following documents are considered prerequisites to installing iPlanet Trustbase Payment Services (iTPS):

  • Eleanor. iTPS is based on the Eleanor Technical Specification, so you need to have familiarised yourself with this document.

    http://www.identrus.com

    Eleanor Scheme Technical Specification Version 1.0b

    Eleanor Scheme Operating Rules

    Eleanor Scheme Product Guide

    Note: This website requires a username and password that should have been given to you when you joined the Identrus Scheme.

  • Identrus Message Specifications. iTPS is based on the Identrus four-corner model, so four servers configured as Identrus Transaction Coordinators (TC) using iPlanet Trustbase Transaction Manager (iTTM) are assumed to be up and running. See http://www.identrus.com

    Identrus PKI Compliance (IT-PKI)

    Transaction Coordinator requirements (IT-TCFUNC)

    Identrus Smart Card Signing Interface Requirements (IT-SIR, ver 1.7)

    Core messaging specification (IT-TCMPD)

    Certificate Status Check Messaging specification (IT-TCCSC)

    Identrus Digital Signature Messaging System Specification (IT-DSMSSP, ver 2.0).

    Transaction Coordinator Certificate Status Check (CSC) Protocol Definition (IT-TCCSC, ver 2.0b)

    Note: To access the documents on this website you need a username and password that should have been given to you when you joined the Identrus Scheme.

  • iPlanet Trustbase Transaction Manager (iTTM) documentation itself can be found below:

    http://docs.sun.com/?p=prod/s1.iptbtranm

    http://docs.iplanet.com/docs/manuals/trustbase.html

    or in /cdrom/cdrom0


Software Requirements

Solaris(TM) 8 for SPARC(TM)

JDK 1.3.1

iPlanet Web Server 6.0 SP2

iPlanet Application Server 6.5

iPlanet Trustbase(TM) Transaction Manager 3.0.1

iMQ for Java 2.0

Oracle 8.1.7

Certificate Authority [e.g. iPlanet Certificate Management System 4.2]

Optional Hardware Security Module (HSM) on server [mandatory for Identrus participation - nCipher nShield 300 SCSI]

GemSAFE IS 1.1 for Identrus System 16000 Smartcards are configured on Buyer PC for use with Tooledup Seller Website.


Hardware requirements




Memory

Recommended single machine setup 512 MB


Disk Space

Recommended single machine setup 1 GB


Target Audience



System Administrators and Application Developers within the banking profession.


Recommended Installation Template



Before attempting an installation you should prepare a template outlining all your proposed settings. The following table provides the settings used throughout the documentation.


iTTM 3.0.1

Do you agree to the license terms? [No]: Yes

Install location [/opt/ittm]: /opt/ittm

The user that will start iTTM ? tbase

The group that this user belongs to ? iplanet

The root location of iPlanet Application Server ? /opt/ias6

The root location of iPlanet Web Server documents directory? /opt/iws6/docs

What is the database user name that is used by iTTM? tbase

What is the database password that is used by iTTM? tbase

On what host is your database stored? mydatabase.mycompany.com

On what port is your database running? 1521

On what SID is your database? orcl

On what URL is your local OCSP responder? http://myresponder.mycompany.com:8080/NASApp/OCSPResponder/OCSPResponderServlet

What is the AIA of this iTTM? https://myhost.mycompany.com

Enter the password to use for the tokenkeystore? password


OCSPResponder

What is the Base DN of the LDAP Server that stores your certificate revocation list?

What is the Bind DN of the LDAP server that stores your certificate revocation list?

What is the Bind password? password

On what host is your LDAP? myhost.mycompany.com

On what port is your LDAP? 387


JMSProxy

What Port is your ittm listening on? 80

On what host is your iTTM iPlanet Web Server ? [ myhost.uk.sun.com ]

On what HTTP port is your iTTM iPlanet Webserver running ? [ 80 ]

The JMS queue name for messages received from system backend ? [ backend_to_itps ]

The JMS queue server host ? [ myqueue.uk.sun.com ] { myqueue.mycompany.com }

The JMS queue server port ? [ 7676 ]


iTTM certificates Aliases

(1) Location of alias = "IRCA" certificate e.g. "CN=Identrus Root,OU=Identrus Root,O=Identrus,C=US"

(2) Location of alias = "L1CA" certificate e.g. "CN=L1 Bank CA,OU=L1 Bank,O=L1,C=GB"

(3) Request/response for alias= "L1EESC" certificate e.g. "CN=L1 Bank End Entity Signing Certificate,OU=L1 Bank,O=L1"

(4) Request/response for alias= "L1EESSL" certificate e.g. "CN=L1 Bank SSL Certificate,OU=L1 Bank,O=L1"

(5) Request/response for alias= "L1IPSC" certificate e.g. "CN=L1 Bank Inter-Participant Signing Certificate,OU=L1 Bank,O=L1"


iTPS 2.0

[0] Install location : /opt/ittm

[1] The user that will run iTTM? tbase

[2] The group that this user belongs to? iplanet

[3] JMS queue name for messages to Biab Backend ? itps_to_backend

[4] Asynchronous acknowledgment SMTP host smtp.mycompany.com

[5] Default "From:" email address for acknowledgments admin@mycompany.com


iTPS Component Certificate Aliases

Trusted Root Certificate (e.g. IRCA).

Level One Certificate Authority Certificate. (e.g. L1CA)

End Entity Signing Certificate (e.g. ClientSC). The AIA field within this certificate is used to determine the destination for the payments message.

SSL Client Transaction Certificate (e.g. ClientSSL)

SSL Server Certificate (This name is enforced by the Web Server Server-Cert)


BFI

[0] Installation Location /opt/itps-bfi

[1] The user that will run BFI? tbase

[2] The group that this user belongs to? iplanet

[3] The Web server location is [ /opt/iws6 ]

[4] The Web server instance is [ myhost.mycompany.com ]

[5] The virtual server id is [ https-myhost.mycompany.com ]

[6] The deployment location [ /opt/iws6/itps-bfi-deploy ]

[7] The keystore password is [ password ]

[8] The signing certificate alias [ ClientSC ]

[9] The SSL client certificate alias [ ClientSSL ]

[10] The trusted verification certificate alias [ IRCA ]

[11] The database user is [ tbase ]

[12] The database password is [ tbase ]

[13] The database host is [ mydatabase.mycompany.com ]

[14] The database port is [ 1521 ]

[15] The database sid is [ orcl ]


BIAB

[0] Installation Location /opt/itps-biab

[1] The user that will run BIAB? tbase

[2] The group that this user belongs to? iplanet

[3] The Web Server location is [ /opt/iws6 ]

[4] The Web Server instance is [ myhost.mycompany.com ]

[5] The virtual server id is [ https-myhost.mycompany.com ]

[6] The deployment location [ /opt/iws6/itps-biab-deploy ]

[7] The queue driver location is [ /opt/SUNWjmq/lib/jmq.jar ]

[8] The from itps queue name [ itps_to_backend ]

[9] The too itps queue name [ backend_to_itps ]

[10] The queue server host [ myqueue.mycompany.com ]

[11] The queue server port [ 7676 ]

[12] The database user is [ tbase ]

[13] The database password is [ tbase ]

[14] The database host is [ mydatabase.mycompany.com ]

[15] The database port is [ 1521 ]

[16] The database sid is [ orcl ]


CPI

[0] Installation Location /opt/itps-cpi

[1] The user that will run CPI? tbase

[2] The group that this user belongs to? iplanet


CPI Certificate Aliases

"IRCA" certificate e.g. "CN=Identrus Root,OU=Identrus Root,O=Identrus,C=US"

"L1CA" certificate e.g. "CN=L1 Bank CA,OU=L1 Bank,O=L1,C=GB"

"BuyerSC" certificate e.g. "CN=Buyer SC, OU=L1 Bank, O=L1"

"SellerSC" certificate e.g. "CN=Seller SC, OU=L1 Bank, O=L1"


Tooledup

[0] Installation Location /opt/itps-tdup

[1] The user that will run TooledUp? tbase

[2] The group that this user belongs to? iplanet

[3] The Web server location is [ /opt/iws6 ]

[4] The Web server instance is [ myhost.mycompany.com ]

[5] The virtual server id is [ https-myhost.mycompany.com ]

[6] The deployment location [ /opt/iws6/itps-tdup-deploy ]

[7] The keystore password is [ password ]

[8] The signing certificate alias [ ClientSC ]

[9] The SSL client certificate alias [ ClientSSL ]

[10] The trusted verification certificate alias [ IRCA]

[11] The database user is [ tbase ]

[12] The database password is [ tbase ]

[13] The database host is [ mydatabase.mycompany.com ]

[14] The database port is [ 1521 ]

[15] The database sid is [ orcl ]


Obligation Management

[0] Installation Location /opt/itps-om

[1] The user that will run om? tbase

[2] The group that this user belongs to? iplanet

[3] The Web server location is [ /opt/iws6 ]

[4] The Web server instance is [ myhost.mycompany.com ]

[5] The virtual server id is [ https-myhost.mycompany.com ]

[6] The deployment location [ /opt/iws6/itps-om-deploy ]

[7] The keystore password is [ password ]

[8] The signing certificate alias [ ClientSC ]

[9] The SSL client certificate alias [ ClientSSL ]

[10] The trusted verification certificate alias [ IRCA]


Condition Management

[0] Installation Location /opt/itps-cond

[1] The user that will run Cond? tbase

[2] The group that this user belongs to? iplanet

[3] The Web server location is [ /opt/iws6 ]

[4] The Web server instance is [ myhost.mycompany.com ]

[5] The virtual server id is [ https-myhost.mycompany.com ]

[6] The deployment location [ /opt/iws6/itps-cond-deploy ]

[7] The keystore password is [ password ]

[8] The signing certificate alias [ ClientSC ]

[9] The SSL client certificate alias [ ClientSSL ]

[10] The trusted verification certificate alias [ IRCA ]

[11] The absolute path of the temporary directory for file downloads [/opt/temp]
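
The template above repeats several values across installers: the two JMS queue names, the queue server host and port, the certificate aliases, and passwords that are either the word "password" or identical to the user name. The following check is an added example, not part of the original guide or of the product; it lints a filled-in template for mismatched values and for placeholder secrets that should be replaced before a real installation. The section and key names and the pairing rules are assumptions made for this sketch, and the sample values are the ones printed in this chapter.

```python
# Added example: lint a filled-in installation template before running the installers.
# Section/key names are hypothetical; values are this chapter's sample settings.
WEB = {"keystore_password": "password", "signing_alias": "ClientSC",
       "ssl_alias": "ClientSSL", "trust_alias": "IRCA"}
DB = {"db_user": "tbase", "db_password": "tbase"}
QUEUE = {"queue_host": "myqueue.mycompany.com", "queue_port": "7676"}
SAMPLE = {
    "iTTM": {**DB, "tokenkeystore_password": "password"},
    "OCSPResponder": {"bind_password": "password"},
    "JMSProxy": {**QUEUE, "from_backend_queue": "backend_to_itps"},
    "iTPS": {"to_backend_queue": "itps_to_backend"},
    "BFI": {**WEB, **DB},
    "BIAB": {**QUEUE, **DB, "from_itps_queue": "itps_to_backend",
             "to_itps_queue": "backend_to_itps"},
    "Tooledup": {**WEB, **DB},
    "OM": dict(WEB),
    "Cond": dict(WEB),
}
STOCK = {"", "password"}  # values that must not survive into a real install
# Settings that name the two ends of one queue or broker (assumed pairing).
PAIRS = [(("iTPS", "to_backend_queue"), ("BIAB", "from_itps_queue")),
         (("JMSProxy", "from_backend_queue"), ("BIAB", "to_itps_queue")),
         (("JMSProxy", "queue_host"), ("BIAB", "queue_host")),
         (("JMSProxy", "queue_port"), ("BIAB", "queue_port"))]

def lint_template(t):
    """Return sorted findings for a template dict {section: {key: value}}."""
    findings = []
    for section, kv in t.items():
        for key, value in kv.items():
            if not key.endswith("password"):
                continue
            # A secret is a placeholder if it is a stock word or repeats the user name.
            user = kv.get(key.replace("password", "user"))
            if value.lower() in STOCK or value == user:
                findings.append(f"{section}.{key}: placeholder secret")
    for (s1, k1), (s2, k2) in PAIRS:
        a, b = t.get(s1, {}).get(k1), t.get(s2, {}).get(k2)
        if a != b:
            findings.append(f"{s1}.{k1}={a!r} does not match {s2}.{k2}={b!r}")
    # Assumption: every web component uses the same aliases, as in the template.
    for key in ("signing_alias", "ssl_alias", "trust_alias"):
        seen = {kv[key] for kv in t.values() if key in kv}
        if len(seen) > 1:
            findings.append(f"{key}: components disagree {sorted(seen)}")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(lint_template(SAMPLE)))
```

Run against the chapter's sample values, the queue and alias checks pass and every password entry is reported as a placeholder.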


Copyright © 2001 Sun Microsystems, Inc. Some preexisting portions Copyright © 2001 Netscape Communications Corp. All rights reserved.

Last Updated October 22, 2002