Problem:
- Product Name: BES AppServer
- Product Version: 5.x, 6.x
- Product Component: Security/SSL Wallet
- Platform/OS Version: All
- JDK/Compiler Version: same versions bundled with BES
How to configure 4.x style wallet properties in BES?
Resolution:
VB4.x-style wallet properties are still supported in BES, however, there is little documentation on how to configure these legacy properties in later version of BES. This article lists steps to use wallet properties. (Please note that it is highly recommended to use latest JAAS-style configuration!)
VB4.x-style identity setting up has following directory structure: assuming the root directory is called "identities",
- there would be a sub-directory created for each identity (equivalent to "alias" in latest KeyStore concept).
- For each identity sub-directory, there would be certX files and one key file.
- cert0 file containing the Certificate for the particular user, while cert1 is the certificate of the Issuer for previous certificate -- it follows this way: cert<N> is the Issuer's Certificate for cert<N-1>...
- key file contains the private key for the identity.
Now the steps to configure BES to use VB4.x-style of wallet:
- Setting up Certificates:
- point "vbroker.security.wallet.type" to the "identities" root directory:
vbroker.security.wallet.type=Directory:./identities - set "vbroker.security.trustpointsRepository" to the directory that contains all the Trusted Certificate:
vbroker.security.trustpointsRepository=./trustpoints
- point "vbroker.security.wallet.type" to the "identities" root directory:
- Setting up Wallet properties
- set the "identity" name (or "alias" name) used in the application
vbroker.security.wallet.identity=<name> - set wallet password to the passphrase of the private key
vbroker.security.wallet.password=password
- set the "identity" name (or "alias" name) used in the application
- Adding SSL listener -- this can be done either through BES Console or manually add ssl listener for your ORB
i.e. vbroker.se.iiop_tp.scms=iiop_tp,ssl in the vbroker.properties file
Please refer to $INSTALLATION/examples/vbroker/security/bank_ssl as well as Security Service User Guide to further detailed information.
Old KB# 15372
#VisiBroker
#BorlandAppServer
#Security
