Configuring hardware cryptographic devices for Web Services Security

Before you can use a hardware cryptographic device, you must configure and enable it. You must first configure a hardware cryptographic device using the Secure Sockets Layer (SSL) certificate and key management panels in the administrative console. The key for the cryptographic operation can be stored in an ordinary Java keystore file and need not be stored on the hardware devices.

Before you begin

You must first configure a hardware cryptographic device using the Secure Sockets Layer (SSL) certificate and key management panels in the administrative console.
Note: Fix packs that include updates to the Software Development Kit (SDK) might overwrite unrestricted policy files. Back up unrestricted policy files before you apply a fix pack and reapply these files after the fix pack is applied.
For transitioning users For transitioning users: The unrestricted Java policy files are not required when using hardware cryptographic devices. These policy files were required in some earlier versions of the product.trns

Procedure

  1. [IBM i] In the administrative console, click Servers > Server Types > WebSphere application servers and then select the server name.
  2. [IBM i] Under Security, select JAX-WS and JAX-RPC security runtime.
  3. [IBM i] Under Cryptographic Hardware, select Enable cryptographic operations on hardware device and then specify the name of the hardware cryptographic device configuration name. For more information, read about configuring a hardware cryptographic keystore.
  4. [IBM i] Click OK.

Results

This procedure configures a hardware cryptographic device for all Web Services Security applications running on this application server.
Task topic    

Terms and conditions for information centers | Feedback

Last updated: April 18, 2014 05:01 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-nd-iseries&topic=twbs_enable_hardacc
File name: twbs_enable_hardacc.html