Certificate DN values for DataPower certificates

When SSL is used with the provided IBM® SOA Policy Gateway Patterns, the DN host verification is more strict than the default WebSphere® Application Server security.

DN host verification is not enabled in WebSphere Application Server by default. However, in the script packages used by the IBM SOA Policy Gateway Patterns, DN host verification is turned on and can not disabled. A very specific certificate that works between the default WebSphere Application Server and DataPower® might not work for the SOA Policy Gateway 2.0.0.0 - Security script package or the SOA Policy Gateway 2.0.0.0 - Sample script package used with the IBM SOA Policy Gateway Pattern; for example, a DN of myserver.yourcompany.com might be accepted by the WebSphere Application Server defaults, but not by the script packages. To add or remove the DataPower certificates used with the deployment, see Removing or Adding DataPower Certificates to the WSRR Truststore.


Concept Concept

Feedback

Timestamp icon Last updated: Thursday, 3 July 2014
http://publib.boulder.ibm.com/infocenter/prodconn/v1r0m0/topic/com.ibm.scenarios.soawdpwsrr.doc/topics/csoa2_datapower_certificate.htm