Sun ONE logo      �W�@��      �ؿ�      �d�      �U�@��     

Sun ONE Portal Server 6.2 �޲z���n

�� 13 ��
�޲z Sun ONE Portal Server �t��

�����|����P���@ Sun™ ONE Portal Server �t�ά���U�غ޲z��ȡC

�����]�t�U�C���`�G

�t�m Secure Sockets Layer (SSL)

�z�i�H�z�L�U�C�覡�A�Q�� Sun ONE Portal Server �ά����t�m Secure Sockets Layer (SSL)�G

�Y�n�ϥ� Sun ONE Portal Server �t�m SSL

�p�G�b Sun ONE Portal Server �w�˴v��t�θ߰ݱz�uDo you want to run SSL on hostname?�v�ɡA�z���^���O y ���ܡA�ШϥΦ��{�ǡC�p�ݧ�h��T�A�аѾ\Sun ONE Portal Server 6.1 Installation Guide�C

  1. �b�z�w�� Sun ONE Portal Server ������A���W�إߥi�a��Ʈw�C

    2. �p�ݧ�h��T�A�аѾ\���U�C URL �� Sun ONE Web Server 6.0�AEnterprise Edition Administrator's Guide �� 5 �����u�إߥi�a��Ʈw�v�G

    http://docs.sun.com/source/816-5682-10/index.htm

  2. ���z�b�䤤�w�� Sun ONE Portal Server �n�骺����A���ШD�ҮѡA�æb����A����ҤW�w���ҮѡC

    3. �p�ݧ�h��T�A�аѾ\ Sun ONE Web Server 6.0�AEnterprise Edition Administrator's Guide �� 5 �����u�ШD�P�w�� VeriSign �Үѡv�Ρu�ШD�P�w�˨�L��A���Үѡv�C

  3. �}�� Sun ONE Portal Server ����A����Ҫ��[�K�\��C

    4. �b����A���޲z�D���x���A���u�ߦn�]�w�v���ҡA���u�s�W��ť���ѡv�A�M����u�s���ť���ѡv�A�ö}�Ҧw���ʡC

    �p�ݧ�h��T�A�аѾ\���U�C URL �� Sun ONE Web Server 6.0�AEnterprise Edition Administrator's Guide �� 5 �����u�}�Ҧw���ʡv�G

  4. ��@�U����A���޲z�D���x�����u�M�Ρv�P�u�M���ܧ�v�C
  5. ���s�Ұ� Sun ONE Portal Server�C

    6. /etc/init.d/amserver start

  6. �t�η|���ܱz��J�K�X�H�i�J�ҮѸ�Ʈw�C

    7. �o�ӨB�J�|�o�ͩ�C���z���s�Ұʺ���A�� (��� /etc/init.d/amserver start) �ɡC

    �Ƶ�

    �Y�n�קK�C�����s�Ұʫ᳣������J passphrase�A�Ыإߤ@�ӦW�٬� .wtpass�A�B�]�t�F����A�� passphrase ���ɮסA�ñN����m�b DSAME-BASEDIR/SUNWam/config �ؿ�C�p�G�z���s�Ұʥ]�t�w������A�����t�ΡA��O�t�Τ��èS�����ɮסA�h�z�����b�t�ΥD���x�����s��J passphrase�C

  7. ���ұz�{�b�O�_�i�H�ϥ� SSL �n�J�� Sun ONE Portal Server �J�f��G
    • �Y�n�n�J�� Sun ONE Identity Server �޲z�D���x�A����J�G
      https://server:port/amconsole
    • �Y�n�H �ୱ �ϥΪ̪�����n�J�A����J�G
      https://server:port/deploy_uri

      �Ҧp�A
      https://sesta:80/portal/dt

�Y�n�ק�{���� Sun ONE Portal Server �w�˥H�K�ϥ� SSL

�p�G�b Sun ONE Portal Server �w�˴v��t�θ߰ݱz�uDo you want to run SSL on hostname?�v�ɡA�z���^���O n ���ܡA�ШϥΦ��{�ǡC�p�ݧ�h��T�A�аѾ\Sun ONE Portal Server 6.1 Installation Guide�C

  1. �H�޲z����n�J�� Sun ONE Identity Server �޲z�D���x�C

    2. �̹w�]�A�w����m���椤���u�ѧO�޲z�v�B�u�Ҧ��w�إߪ���´�v�w��ܩ����椤�C

  2. ��ܦ�m���椤���u�A�Ȱt�m�v�C
  3. ��@�U�u���x�v���䪺�ݩʽb�Y�C

    4. �u���x�v�ݩ��H�Y��ܦb��Ƶ��椤�C

  4. �b��A���M�椤�A�N http �ܧ� https�C
  5. ��@�U�u�x�s�v�H�x�s�z���ܧ�C
  6. �b����A���W�w���ҮѡC

    7. �p�ݸԲӸ�T�A�аѾ\�u�Y�n�ϥ� Sun ONE Portal Server �t�m SSL�v�����B�J 1 ���B�J 4�C

  7. �N server.xml �M magnus.conf �ɮױq /BaseDir/SUNWam/servers/https-hostname-domain/conf_bk �ؿ�ƻs�� /BaseDir/SUNWam/servers/https-hostname-domain/config �ؿ�CBaseDir �� Sun ONE Identity Server �򩳥ؿ�C
  8. �p�G�z���ҮѤ��å��w�ˮ� CA�A�Цb /BaseDir/SUNWam/lib/AMConfig.properties �ɮפ��[�J�U�C�o��C

    9. com.sun.am.jssproxy.trustAllServerCerts=true

    �o�ӿﶵ�|�i�� JSS �H���ҮѡC

  9. �b /BaseDir/SUNWam/lib/AMConfig.properties�ɮפ��A�N�U�C URL���� http �ܧ� https�G

    10. com.sun.am.server.protocol

    com.sun.am.naming.url

    com.sun.am.notification.url

    com.sun.am.session.server.protocol

    com.sun.services.cdsso.CDCURL

    com.sun.services.cdc.authLoginUrl

  10. ���s�Ұ� Sun ONE Portal Server�C
    1. �Y�n���s�Ұʳ�@�� Sun ONE Portal Server ��ҡA����J�G

      2. /etc/init.d/amserver start

    2. �Y�n���s�Ұʦh�� Sun ONE Portal Server ��ҡA����J�G

      3. /etc/init.d/amserver startall

  11. �t�η|���ܱz��J�K�X�H�i�J�ҮѸ�Ʈw�C

�p�ݧ�h��T�A�аѾ\ Sun ONE Directory Server 5.1 Administrator's Guide �� 11 �����u�޲z SSL�v�C

�Y�n�t�m Sun ONE Portal Server ��ҥH�K�ϥ� SSL

  1. �H�޲z����n�J�� Sun ONE Identity Server �޲z�D���x�C

    2. �̹w�]�A�w����m���椤���u�ѧO�޲z�v�B�u�Ҧ��w�إߪ���´�v�w��ܩ����椤�C

  2. ��ܦ�m���椤���u�A�Ȱt�m�v�C
  3. ��@�U�u���x�v���䪺�ݩʽb�Y�C

    4. �u���x�v�ݩ��H�Y��ܦb��Ƶ��椤�C

  4. �b��A���M�椤�A�N http �ܧ� https�C
  5. ��@�U�u�x�s�v�H�x�s�z���ܧ�C
  6. �b����A���W�w���ҮѡC

    7. �p�ݸԲӸ�T�A�аѾ\�u�Y�n�ϥ� Sun ONE Portal Server �t�m SSL�v�����B�J 1 ���B�J 4�C

  7. �p�G����A���O�h����Ҧw�˪��@����A�бN server.xml �M magnus.conf �ɮױq /BaseDir/SUNWam/servers/https-instance_nickname/conf_bk �ؿ�ƻs�� /BaseDir/SUNWam/servers/https-instance_nickname/config �ؿ�C
  8. �p�G�z���ҮѤ��å��w�ˮ� CA�A�Цb /BaseDir/SUNWam/lib/AMConfig-instance_nickname.properties �ɮפ��[�J�U�C�o��C

    9. com.sun.am.jssproxy.trustAllServerCerts=true

    �o�ӿﶵ�|�i�� JSS �H���ҮѡC

  9. �b /BaseDir/SUNWam/lib/AMConfig-instance_nickname.properties �ɮפ��A�N�U�C URL���� http �ܧ� https�G

    10. com.sun.am.server.protocol

    com.sun.am.naming.url

    com.sun.am.notification.url

    com.sun.am.session.server.protocol

    com.sun.services.cdsso.CDCURL

    com.sun.services.cdc.authLoginUrl

  10. ���s�Ұ� Sun ONE Portal Server�C
    1. �Y�n���s�Ұʳ�@�� Sun ONE Portal Server ��ҡA����J�G

      2. /etc/init.d/amserver start

    2. �Y�n���s�Ұʦh�� Sun ONE Portal Server ��ҡA����J�G

      3. /etc/init.d/amserver startall

  11. �t�η|���ܱz��J�K�X�H�i�J�ҮѸ�Ʈw�C

�p�ݧ�h��T�A�аѾ\ Sun ONE Directory Server 5.1 Administrator's Guide �� 11 �����u�޲z SSL�v�C

�ƥ�P�_�� Sun ONE Portal Server �t�m

Sun ONE Portal Server �ϥΪ̻P�A�Ȱt�m�|�x�s�b�ؿ��A���W�� LDAP �ؿ��T�� (DIT) ���C�p���N�i��z�z�L���q�ťؿ�洫�榡 (Lightweight Directory Interchange Format, LDIF) �ɮ׳ƥ�P�_��t�m��T�C

�Y�n�ƥ� Sun ONE Portal Server �t�m

�Y�n�ƥ� Sun ONE Portal Server �t�m��T�A�Шϥ� db2ldif ��O�C�o�ӫ�O�i�Ω�ؿ��A�����򩳥ؿ� slapd- �D��W���ؿ�C�Ҧp�A�p�G�ؿ��A���w�w�˦ܦ�A�� sesta �W���w�]�w�˥ؿ� (/usr/ldap)�A�h�򩳥ؿ�N�|�O /usr/ldap/slapd-sesta�C

  1. �N�ؿ��ܧ󬰥]�t db2ldif ��O���ؿ��A���򩳥ؿ�C

    2. cd DS_BASEDIR/slapd-HOSTNAME

  2. �ϥ� db2ldif ��O (�a�� -s �ﶵ)�A�N�t�m�x�s�� LDIF �ɮפ��A�H��w Sun ONE Portal Server �� DIT ���h�C�Ҧp�A�Y�n�x�s�� DIT ���h�� isp �t�m�A����J�U�C��r�G

    3. ./db2ldif -s "o=isp"

    ��Ʒ|�x�s�� LDIF �ɮפ��C��O�|�N�ɮ��x�s�ܥثe���ؿ�C�|�ϥΤU�C�榡�өR�W�ɮסG

    YYYY_MM_DD_HHMMSS.ldif

    �b�x�s�ɮפ���A�|��ܤU�C���d�ҿ�X�G

    [16/May/2002:14:11:25 -0700] - Backend Instance:userRoot

    ldiffile:/usr/ldap/slapd-sesta/ldif/2002_05_16_141122.ldif

    [16/May/2002:14:11:28 -0700] - export userRoot:Processed 178 entries (100%).

�Y�n�_�� Sun ONE Portal Server �t�m

�z�i�H�ϥ� ldif2db ��O�A�N�z�L db2ldif ��O�ҳƥ� Sun ONE Portal Server �t�m��T�[�H�_��C�o�ӫ�O�i�Ω�ؿ��A�����򩳥ؿ� slapd-�D��W���ؿ�C�Ҧp�A�p�G�ؿ��A���w�w�˦ܦ�A�� sesta �W���w�]�w�˥ؿ� (/usr/ldap)�A�h�򩳥ؿ�N�|�O /usr/ldap/slapd-sesta�C

  1. �N�ؿ��ܧ󬰥]�t ldif2db ��O���ؿ��A���򩳥ؿ�A��k����J�G

    2. cd DS_BASEDIR/slapd-HOSTNAME

  2. ����ؿ��A���A��k����J�G

    3. ./stop-slapd

  3. �ϥ� ldif2db ��O�N�t�m�q LDIF �ɮ״_�쬰�ؿ��A���C��O�᭱�p�G�[�W -s �ѼơA�h�O��w Sun ONE Portal Server ���� DIT ���h�F�ӫ᭱�[�W -i �Ѽƫh�O��w�ɮצW�١C�Ҧp�A�p�G�n�N��e�B�J���x�s�� LDIF �ɮ״_�쬰 isp �� DIT ���h�A����J�U�C��r�G

    4. ./ldif2db -s "o=isp" -i /usr/ldap/slapd-sesta/ldif/2002_05_16_141122.ldif

    �b�_��t�m����A�|��ܤU�C���d�ҿ�X�G

    importing data ...

    [16/May/2002:16:37:02 -0700] - Backend Instance:userRoot

    [16/May/2002:16:37:03 -0700] - import userRoot:Index buffering enabled with bucket size 13

    [16/May/2002:16:37:03 -0700] - import userRoot:Beginning import job...

    [16/May/2002:16:37:03 -0700] - import userRoot:Processing file "/usr/ldap/slapd-sesta/ldif/2002_05_16_141122.ldif"

    [16/May/2002:16:37:04 -0700] - import userRoot:Finished scanning file "/usr/ldap/slapd-sesta/ldif/2002_05_16_141122.ldif" (178 entries)

    [16/May/2002:16:37:05 -0700] - import userRoot:Workers finished; cleaning up...

    [16/May/2002:16:37:08 -0700] - import userRoot:Workers cleaned up.

    [16/May/2002:16:37:08 -0700] - import userRoot:Cleaning up producer thread...

    [16/May/2002:16:37:08 -0700] - import userRoot:Indexing complete.Post-processing...

    [16/May/2002:16:37:08 -0700] - import userRoot:Flushing caches...

    [16/May/2002:16:37:08 -0700] - import userRoot:Closing files...

    [16/May/2002:16:37:09 -0700] - import userRoot:Import complete.Processed 178 entries in 6 seconds.(29.67 entries/sec)

  4. ���s�Ұʥؿ��A���A��k����J�G

    5. ./start-slapd

�ܧ� Sun ONE Portal Server ���]�w

�Y�n��ڱN��� Sun ONE Portal Server �n�骺��A���q���ܨ�L�a��A�z�u�ݭn�b /etc/hosts �ɤ��ܧ��3 IP ��}�������X����W�٧Y�i�C�õL��L�ݭn��諸�g����}�C

�޲z�h�� UI �`�I�w��

��z�b�h�� UI �`�I�W�w�� Sun ONE Portal Server �n��ɡA�z�ݭn�b Sun ONE Identity Server �޲z�D���x����u���x�v�ݩʶi��t�m�ܧ�C�z�s��u��A���M��v�ݩʥH�]�A�C�� UI �`�I�� URL�C

Sun ONE Identity Server �R�W�A�ȷ|�b��l�ƶ��qŪ��u��A���M��v�ݩʡC���M��]�t�F��@ Sun ONE Identity Server �t�m���� Sun ONE Identity Server �u�@�ɬq��A���C�Ҧp�A�p�G�w�ˤF��x Sun ONE Identity Server ��A���A�ӥB�����@���@�x�ӨϥΡA�h�����N�o��x��A�����]�A�b�M�椤�C�p�G�b�ШD�A�� URL ���ҫ�w���D��å��b���M�椤�A�h�R�W�A�ȱN�|�ڵ��ШD�C�M�椤���Ĥ@�ӭȫ�w�F�b�w�˴v��ҫ�w����A���D��W�٩M�s����C�i�H�ϥή榡 protocol://server:port �s�W��L����A���C

�Y�n�b��A���M�椤�s�W��L�� Portal Server

  1. �H�޲z����n�J�� Sun ONE Identity Server �޲z�D���x�C

    2. �̹w�]�A�w����m���椤���u�ѧO�޲z�v�B�u�Ҧ��w�إߪ���´�v�w��ܩ����椤�C

  2. ��ܦ�m���椤���u�A�Ȱt�m�v�C

    3. ����A���H�Y�|�X�{�b����椤�C

  3. ��@�U�u���x�v���䪺�ݩʽb�Y�C

    4. �u���x�v�ݩ��H�Y��ܦb��Ƶ��椤�C

  4. �s��u��A���M��v�ݩʡC

    5. �b�C�ӥ\�ର UI �`�I����A�����A��J��A�� URL�A�Ҧp http://host1.sesta.com:80�A�M���@�U�u�s�W�v��s�CURL �H�Y�|�X�{�b�u��A���M��v���C

  5. ��@�U�u�x�s�v�C
  6. ���s�Ұ� Sun ONE Portal Server�C

    7. /etc/init.d/amserver start

�t�m Sun ONE Portal Server ��ҥH�K�ϥ� HTTP �N�z��A��

�p�G Sun ONE Portal Server �n��w�g�w�˦b�D��W�A�ӥB�L�k�����s���ں��αz���������Y�dz���A�z�N�ݭn�t�m��ҥH�K�ϥ� HTTP �N�z��A���C

  1. �N�ؿ��ܧ󬰥]�t��Ұt�m���ؿ��A���򩳥ؿ�A��k����J�G

    2. cd /BaseDir/SUNWam/servers/https-hostname-domain/config

  2. �s�覹�ؿ� jvm12.conf�A�M��s�W�U�C�X��G

    3. http.proxyHost=proxy_host
    http.proxyPort=proxy_port

    �䤤 proxy_host �O�N�z��A���D������X����W�١A�� proxy_port �h�O���N�z��A���b��W��檺�s����C

    �Ƶ�

    �p�G jvm12.conf �ɮפw�g�]�w�N�z��A�� (�ϥ� http.proxyHost= �M http.proxyPort= �Ѽ�)�A�z�i�H�s�W http.nonProxyHosts=proxy_host �ѼơC���D�J�f���A���w�s�W�ܥN�z��A���s��M�椤�A�_�h���i��L�k�z�L�N�z��A���s��J�f���A���C

�޲z Sun ONE Portal Server �O��

�z�i�H�t�m Sun ONE Portal Server �O��H�K�N��T�O��ܤ@���ɮשΰO��ܸ�Ʈw�C�b�O��ܸ�Ʈw�ɡA�|�ϥ� JDBC ��w�C

�Y�n�t�m�O����ɮ�

  1. �H�޲z����n�J�� Sun ONE Identity Server �޲z�D���x�C

    2. �̹w�]�A�w����m���椤���u�ѧO�޲z�v�B�u�Ҧ��w�إߪ���´�v�w��ܩ����椤�C

  2. ��ܦ�m���椤���u�A�Ȱt�m�v�C

    3. ����A���H�Y�|�X�{�b����椤�C

  3. ��@�U�u�O��v���䪺�ݩʽb�Y�C

    4. �u�O��v�ݩ��H�Y��ܦb��Ƶ��椤�C

  4. ���@���u�O�������v�ݩʪ��u�ɮסv�C
  5. �b�u�O���m�v�ݩʤ���w��x�ɮת��ؿ��|�C
  6. �b�u�̤j�O��j�p�v�ݩʤ���w��x�ɪ��̤j�ɮפj�p (�H�줸�����)�C
  7. �b�u��v�ɮ׼ƥءv�ݩʤ���w�ƥ�O��ƥءC
  8. ��@�U�u�x�s�v�C

�Y�n�t�m�O��ܸ�Ʈw

  1. �H�޲z����n�J�� Sun ONE Identity Server �޲z�D���x�C

    2. �̹w�]�A�w����m���椤���u�ѧO�޲z�v�B�u�Ҧ��w�إߪ���´�v�w��ܩ����椤�C

  2. ��ܦ�m���椤���u�A�Ȱt�m�v�C

    3. ����A���H�Y�|�X�{�b����椤�C

  3. ��@�U����椤�u�O��v�A�Ȯ��䪺�ݩʽb�Y�C

    4. �u�O��v�ݩ��H�Y��ܦb��Ƶ��椤�C

  4. ��� JDBC �@���u�O�������v�ݩʡC
  5. �b�u��Ʈw�ϥΪ̦W�١v�M�u��Ʈw�ϥΪ̱K�X�v�ݩʤ��A��w�ΥH�s����Ʈw���ϥΪ̦W�٩M�K�X�C
  6. ��w�Ω�b�u��Ʈw�X�ʵ{���W�١v�ݩʤ��O���X�ʵ{���C
  7. ��@�U�u�x�s�v�C

���� Sun ONE Portal Server

���`�|���Цp��]�w����h���H��U�z�w�藍�P�� Sun ONE Portal Server ����i�����ƸѡC

�Y�n�]�w Sun ONE Identity Server ������h��

����h���i���\�z�w�q�ǰe�ܰ����x���T�������C�U�C���䴩���h���G

�̹w�]�A����T���|�ǰe�� /var/opt/SUNWam/debug �ؿ��x�ɮסC

�Y�n�]�w����h���G

  1. �b /etc/opt/SUNWps/desktopconfig.properties �ɮת��H�U�椤�w�q����h���G

    2. debugLevel=value

  2. ���s�Ұ� Sun ONE Portal Server�G

    3. /etc/init.d/amserver start

  3. �b /var/opt/SUNWam/debug �H�� Sun ONE Web Server ��x�ɤ��˵�P����x�ɡC



�W�@��      �ؿ�      �d�      �U�@��     

Copyright 2003 Sun Microsystems, Inc. �O�d�Ҧ��v�Q�C