WebSphere Partner Gateway - Express¿¡´Â CRL(Certificate Revocation List) ±â´ÉÀÌ Æ÷ÇԵǾî ÀÖ½À´Ï´Ù. CRLÀº ÀÎÁõ ±ÇÇÑ(CA)¿¡¼ ¹ßÇàÇÏ´Â °ÍÀ¸·Î¼ ½ºÄÉÁÙÀÌ ÁöÁ¤µÈ ¸¸±â ³¯Â¥º¸´Ù ¾Õ¼ ÀÎÁõÀ» ÇØÁöÇÑ Ä¿¹Â´ÏƼ Âü¿©ÀÚ¸¦ ½Äº°ÇÕ´Ï´Ù. ÀÎÁõÀÌ Ãë¼ÒµÈ Âü¿©ÀÚ´Â WebSphere Partner Gateway - Express¿¡ ´ëÇÑ ¾×¼¼½º°¡ °ÅºÎµË´Ï´Ù.
ÇØÁöµÈ °¢ ÀÎÁõÀº CRL¿¡¼ ÀÎÁõ ÀÏ·Ã ¹øÈ£¿¡ µû¶ó ½Äº°µË´Ï´Ù. WebSphere Partner Gateway - ExpressÀÇ ¹®¼ °ü¸®ÀÚ´Â 60Ãʸ¶´Ù CRLÀ» ½ºÄµÇÏ¿© ¸ñ·Ï¿¡ Çϳª ÀÌ»óÀÇ ÀÎÁõÀÌ µé¾î ÀÖÀ¸¸é Âü¿©ÀÚ¿¡ ´ëÇÑ ¿¬°áÀ» °ÅºÎÇÕ´Ï´Ù.
CRLÀº /<shared data directory>/security/crl À§Ä¡¿¡ ÀúÀåµË´Ï´Ù. WebSphere Partner Gateway - Express´Â bcg.properties ÆÄÀÏÀÇ bcg.http.CRLDir ¼³Á¤À» »ç¿ëÇÏ¿© CRL µð·ºÅ丮ÀÇ À§Ä¡¸¦ ½Äº°ÇÕ´Ï´Ù.
¿¹¸¦ µé¾î bcg.properties ÆÄÀÏ¿¡¼ ´ÙÀ½ ¼³Á¤À» »ç¿ëÇϽʽÿÀ.
bcg.http.CRLDir=/<shared data directory>/security/crl
ÀÎÁõ ÇØÁö ¸ñ·Ï ÆäÀÌÁö¸¦ »ç¿ëÇÏ¿© CRLÀ» Ãß°¡ ¹× »èÁ¦ÇÒ ¼ö ÀÖ½À´Ï´Ù. CRL¿¡´Â ¼Õ»óµÇ¾úÀ¸¹Ç·Î ½Å·ÚµÇÁö ¾Ê´Â ŰÀÇ ¸ñ·ÏÀÌ µé¾î ÀÖ½À´Ï´Ù.
»õ CRLÀ» Ãß°¡ÇÏ·Á¸é ´ÙÀ½ ÇÁ·Î½ÃÀú¸¦ »ç¿ëÇϽʽÿÀ.
´õ ÀÌ»ó CRLÀÌ ÇÊ¿äÇÏÁö ¾ÊÀ¸¸é ´ÙÀ½ ÇÁ·Î½ÃÀú¸¦ »ç¿ëÇÏ¿© WebSphere Partner Gateway - Express¿¡¼ CRLÀ» »èÁ¦ÇϽʽÿÀ.
CA´Â CRLÀ» À¯Áöº¸¼öÇÏ°í °»½ÅÇÕ´Ï´Ù. ÀÌ CRLÀº ÀϹÝÀûÀ¸·Î CRL ºÐ¹è ÁöÁ¡¿¡ ÀúÀåµË´Ï´Ù. CRLÀº ÀÎÁõÀÇ Ãë¼Ò ¿©ºÎ¸¦ ÆÇº°Çϱâ À§ÇØ ÀÎÁõ Ãë¼Ò È®ÀÎÀ» ¼öÇàÇÏ´Â Áß¿¡ »ç¿ëµË´Ï´Ù.
bcgSetCRLDP.jacl ½ºÅ©¸³Æ®´Â Ãë¼Ò È®ÀÎÀ» ¼öÇàÇÒ ¶§ CRL ºÐ¹è ÁöÁ¡ È®ÀÎÀ» »ç¿ë °¡´É ¶Ç´Â »ç¿ë ºÒ°¡´ÉÇÏ°Ô ÇÏ´Â µ¥ »ç¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù. ÀÎÁõ Ãë¼Ò È®ÀÎÀ» ¼öÇàÇÒ ¶§ CRL ºÐ¹è ÁöÁ¡¿¡ ¾×¼¼½ºÇÒ Çʿ䰡 ÀÖÀ¸¸é CRL ºÐ¹è ÁöÁ¡ »ç¿ëÀ» °¡´ÉÇÏ°Ô ÇϽʽÿÀ. ¼³Ä¡ÇÑ ÀÎÁõ¿¡ CRL DP È®ÀåÀÌ Æ÷ÇԵǾî ÀÖÀ¸¸é CRL ºÐ¹è ÁöÁ¡À» »ç¿ë °¡´ÉÇÏ°Ô ÇÏ¿© Ãë¼Ò È®ÀÎÀ» ¼öÇàÇÒ ¶§ ºÐ¹è ÁöÁ¡¿¡ ¾×¼¼½ºÇÒ ¼ö ÀÖ°Ô ÇÒ ¼ö ÀÖ½À´Ï´Ù. µî·Ï Á¤º¸ bcg.CRLDir¿ë bcg.properties¿¡ ¼³Á¤µÈ µð·ºÅ丮¿¡ ¸ðµç Çʼö CRLÀ» ´Ù¿î·ÎµåÇÑ °æ¿ì, CRL ºÐ¹è ÁöÁ¡À» »ç¿ë ºÒ°¡´ÉÇÏ°Ô ÇÒ ¼ö ÀÖ½À´Ï´Ù. ÇöÀç CRLÀÌ bcg.CRLDir µð·ºÅ丮¿¡¼ »ç¿ë °¡´ÉÇÏÁö ¾ÊÀº °æ¿ì, CRL ºÐ¹è ÁöÁ¡À» »ç¿ë °¡´ÉÇÏ°Ô ÇØ¾ß ÇÕ´Ï´Ù.
HTTP ¹× LDAP¸¦ ÅëÇØ ¾×¼¼½ºÇÒ ¼ö ÀÖ´Â CRL ºÐ¹è ÁöÁ¡ÀÌ Áö¿øµË´Ï´Ù. CRL ºÐ¹è ÁöÁ¡¿¡ ¾×¼¼½ºÇÒ ¼ö ÀÖµµ·Ï ÇÁ·Ï½Ã¸¦ ±¸¼ºÇÒ ¼öµµ ÀÖ½À´Ï´Ù.
CRL ºÐ¹è ÁöÁ¡À» »ç¿ë °¡´ÉÇÏ°Ô ÇÏ·Á¸é <server_root>/bin µð·ºÅ丮¿¡¼ ´ÙÀ½ ¸í·ÉÀ» ½ÇÇàÇϽʽÿÀ.
./wsadmin.sh -f <ProductDir>/scripts/bcgSetCRLDP.jacl install <nodename> <serverName> CRLDP
CRL ºÐ¹è ÁöÁ¡À» »ç¿ë ºÒ°¡´ÉÇÏ°Ô ÇÏ·Á¸é <server_root>/bin µð·ºÅ丮¿¡¼ ´ÙÀ½ ¸í·ÉÀ» ½ÇÇàÇϽʽÿÀ.
./wsadmin.sh -f <ProductDir>/scripts/bcgSetCRLDP.jacl uninstall <nodename> <serverName> CRLDP
ÇÁ·Ï½Ã¿Í ÇÔ²² CRL ºÐ¹è ÁöÁ¡À» »ç¿ë °¡´ÉÇÏ°Ô ÇÏ·Á¸é <server_root>/bin µð·ºÅ丮¿¡¼ ´ÙÀ½ ¸í·ÉÀ» ½ÇÇàÇϽʽÿÀ.
./wsadmin.sh -f <ProductDir>/scripts/bcgSetCRLDP.jacl install <nodename> <serverName> CRLDP <proxyHost> <proxyPort>
ÇÁ·Ï½Ã¸¦ »ç¿ëÇÏÁö ¾Êµµ·Ï ÁöÁ¤ÇÏ·Á¸é <server_root>/bin µð·ºÅ丮¿¡¼ ´ÙÀ½ ¸í·ÉÀ» ½ÇÇàÇϽʽÿÀ.
./wsadmin.sh -f <ProductDir>/scripts/bcgSetCRLDP.jacl uninstall <nodename> <serverName> PROXY
¼ö½ÅÀÚ »ç¿ëÀÚ Á¾·á¸¦ »ç¿ëÇÒ °æ¿ì¿¡ »ç¿ëÀÚ Á¾·á°¡ SecurityService API¸¦ »ç¿ëÇϸé À§ÀÇ ¼³Á¤ÀÌ bcgreceiver ¼¹ö¿¡µµ Àû¿ëµË´Ï´Ù. ¼ö½ÅÀÚ¿¡ ´ëÇØ À§ÀÇ ¸í·ÉÀ» ½ÇÇàÇÏ·Á¸é bcgdocmgrÀ» bcgreceiver·Î ¹Ù²Ù½Ê½Ã¿À.