Use this topic to modify certificate authority (CA) client objects. The client object contains all of the configuration information necessary to connect to your third-party CA server.
You must configure a CA client object in your environment.
For existing CA client objects, use the steps in this topic to view, modify, or delete existing CA client object configurations.
print AdminTask.listCAClients('-all true')
'[ [backupCAs ] [managementScope (cells/myCell01|security.xml#ManagementScope_1)
] [scopeName (cell):myCell01] [name jenCAClient] [baseDn ] [_Websphere_Config_Da
ta_Id cells/myCell01|security.xml#CAClient_1181834566881] [port 2950] [CACertifi
cate ] [pkiClientImplClass com.ibm.wsspi.ssl.WSPKIClient] [userId ] [_Webspher
e_Config_Data_Type CAClient] [retryCheck 0] [properties ] [frequencyCheck 0] [pa
ssword ] [host ] ]'
'[ [backupCAs ] [managementScope (cells/myCell01|security.xml#ManagementScope_1)
] [scopeName (cell):myCell01] [name myCAClient] [baseDn ] [_Websphere_Config_Dat
a_Id cells/myCell01|security.xml#CAClient_1181834566882] [port 2951] [CACertific
ate ] [pkiClientImplClass com.ibm.wsspi.ssl.WSPKIClient] [userId ] [_Websphere
_Config_Data_Type CAClient] [retryCheck 0] [properties ] [frequencyCheck 0] [pas
sword ] [host ] ]'
print AdminTask.getCAClient('-caClientName myCAClient')
'[ [backupCAs ] [managementScope (cells/myCell01|security.xml#ManagementSc
ope_1)] [scopeName (cell):myCell01] [name myCAClient] [baseDn ] [_Websphe
re_Config_Data_Id cells/myCell01|security.xml#CAClient_1181834566882] [por
t 2951] [CACertificate ] [pkiClientImplClass com.ibm.wsspi.ssl.WSPKIClient] [u
serId ] [_Websphere_Config_Data_Type CAClient] [retryCheck 0] [properties ] [fre
quencyCheck 0] [password ] [host ] ]'
Parameter | Description | Data Type |
---|---|---|
-scopeName | Specify the management scope of the CA client. For a deployment manager profile, the system uses the cell scope as the default. For an application server profile, the system uses the node scope as the default. | String |
-pkiClientImplClass | Specify the class path that implements the WSPKIClient interface. The system uses this path to connect to the CA and to issue requests to the CA. | String |
-host | Specify the host name in your system where the CA resides. | String |
-port | Specify the port on the server where the CA listens. | String |
-userName | Specify the user name to use to authenticate to the CA. | String |
-password | Specify the password for the user name that authenticates to the CA. | String |
-frequencyCheck | Specify how often, in minutes, the system should check with the CA to determine if a certificate has been created. | String |
-retryCheck | Specify the number of times to check with the CA to determine if a certificate has been created. | String |
-customProperties | Specifies a comma separated list of attribute and value (attribute=value) custom property pairs to modify on the CA Client object. You can create, modify, or remove properties. To remove a property specify attribute= attribute as equal to no value. | String |
AdminTask.modifyCAClient('[-caClientName myCAClient -port 4060 -userName admin
-password password4admin -pkiClientImplClass com.ibm.wsspi.ssl.WSPKIClient]')
AdminConfig.save()
print AdminTask.listCAClients('-all true')
AdminTask.deleteCAClient('[-caClientName myCAClient]')
AdminConfig.save()