Table of Contents
Advertisement
Click OK.
6.
The Attributes link now appears.
Click the Attributes link.
7.
The Security Settings of Listen Socket page appears.
Use the drop-down CertificateName list to select the external server certificate.
8.
Click OK
9.
For the Server Manager, click Apply, and then Restart for changes to take
10.
effect.
You could also tell the server to start with that server certificate instead, by
manually editing the
in the SSLPARAMS to:
$TOKENNAME:Server-Cert
To find what value to use for
the Manage Certificates link. When you log in to the external module where
Server-Cert is stored, its certificates are displayed in the list in the
$TOKENNAME:$NICKNAME
If you did not create a trust database, one will be created for you
NOTE
when you request or install a certificate for an external PKCS#11
module. The default database created has no password and cannot
be accessed. Your external module will work, but you will not be
able to request and install server certificates. If a default database
has been created without a password, use the Security tab Create
Database page to set the password.
FIPS-140 Standard
PKCS#11 APIs enable communication with software or hardware modules that
perform cryptographic operations. Once PKCS#11 is installed on your server, you
can configure Enterprise Server to be Federal Information Processing Standards
(FIPS)-140 compliant. These libraries are included only in SSL version 3.0.
file. Change the
server.xml
, go to the server's Security tab and select
$TOKENNAME
form.
Using External Encryption Modules
servercertnickname
Chapter 5
Securing Your Enterprise Server
attribute
117
Advertisement
Table of Contents
