Enabling SSL certificate security between a CORBA C++ client and an EJB server

Before you begin

Create a certificate to represent the target EJB server as described in Certificates.

Why and when to perform this task

To enable SSL security between a CORBA C++ client and an EJB server, complete the following steps:

Note: Each step is a separate procedure. After you complete each step, return to this overview procedure.

Steps for this task

  1. Create a key database file for the client as described in Creating a key database for a CORBA C++ client. This file is used to hold the client's certificate and the server's public key for use by the client.
  2. Create a client certificate to uniquely identify the client as described in Creating SSL certificates for a CORBA C++ client. This also creates the client key database file that is used to hold the server's public key for use by the client.
  3. If you have a client certificate from the Certificate Authority (CA), integrate it into your client key database file as described in Integrating a CA-signed certificate into a CORBA C++ client key database file. If you create your own self-signed client certificate, the certificate is created in the specified client key database file.
  4. Extract the client certificate (which includes its public key) and add it as a signer certificate into the truststore file for each target server. This is described in the procedures Extracting a certificate from a CORBA C++ client key database file and Adding a signer certificate into a CORBA C++ client key database.
  5. Configure the server to enable SSL security and configure other security properties that you want for the server.
  6. Configure the CORBA C++ client to enable security and configure other security properties that you want for the C++ clients as described in Run-time properties for CORBA C++ clients and servers.

Results

When you start a CORBA C++ client application, the application determines its client properties file from the WASPROPS environment variable on the client host. From the file, the application determines the location of the client's key database file. The client then can use the certificates in its key database file to create secure connections with application servers.

Related concepts
Digital certificates
Related tasks
Supporting SSL for CORBA C++ clients
Related reference
Run-time properties for CORBA clients and servers



Searchable topic ID:   tcor_ssl4
Last updated: Jun 21, 2007 8:07:48 PM CDT    WebSphere Business Integration Server Foundation, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.wasee.doc/info/ee/corba/tasks/tcor_ssl4.html

Library | Support | Terms of Use | Feedback