Certificate DN values for DataPower certificates

When SSL is used with the provided IBM® SOA Policy Gateway Patterns, the DN host verification is more strict than the default WebSphere® Application Server security. (This topic applies to external DataPower appliances.)

DN host verification is not enabled in WebSphere Application Server by default. However, in the script packages that are used by the IBM SOA Policy Gateway Patterns, DN host verification is turned on and cannot be disabled. A specific certificate that works between the default WebSphere Application Server and DataPower® might not work for the SOA Policy Gateway 2.5.0.0 - Security script package or the SOA Policy Gateway 2.5.0.0 - Sample script package that is used with the IBM SOA Policy Gateway Pattern. For example, a DN of myserver.yourcompany.com might be accepted by the WebSphere Application Server defaults, but not by the script packages. To add or remove the DataPower certificates that are used with the deployment, see Removing or Adding DataPower Certificates to the WSRR Truststore.


Concept Concept

Feedback

Timestamp icon Last updated: Thursday, 3 July 2014
http://publib.boulder.ibm.com/infocenter/prodconn/v1r0m0/topic/com.ibm.scenarios.soawdpwsrr25.doc/topics/csoa2_datapower_certificate.htm