Table of Contents
Advertisement
1. In the Console, navigate to Profile > {Partner} > Certificate > Certificate
Management
2. If you have logged in as a Hub Operator, then choose an internal partner and
external partner. Make sure that both the values are not "ALL".
3. Click Search to filter partners or subset of partners.
Note: The From and To packages are preloaded based on the partners. The
subsets will also be displayed in the table based on your selection. The table
columns have SSL client, Digital Signature (this will be disabled when the From
partner is set to "ALL") and encryption (will be disabled if the To partner is set
to "ALL". The rows have operation type).
4. Update the Certificate sets and click Save. The changes will be reflected at the
connection level.
Configuring the certpath related properties
The certpath properties can be configured using the WebSphere Application Server
admin console and the WebSphere Partner Gateway console. Access these
properties by clicking System Configuration > DocMgr Configuration > Security.
The properties are displayed using a read-only view. If you want to edit them,
click the Edit icon. The following descriptions are brief summaries of the
configuring process used with the certpath related properties.
bcg.CRLDir
This property contains the name of the directory where the CRLs are
stored. The default value is:
<WebSphere Partner Gateway Install Dir>/common/security/crl
bcg.checkRevocationStatus
This property specifies if the revocation status is checked. The valid values
for this property are true, false and blank.
If the value is set to either true or blank, the revocation status of the digital
certificates is checked. If the value is set to false, the revocation status is
not checked.
The default value and recommended setting of this property is true.
bcg.build_complete_certpath
This property specifies if the certpath is built to the root certificate or to
the issuer certificate. The valid values for this property are true, false and
blank.
If the value is set to true or blank, the certpath is built to the root
certificate. If the value is set to false, the certpath is built to the issuer
certificate only.
The default value and recommended setting of this property is true.
Configuring CRLDP
Configuring CRL DP (Certificate Revocation List Distribution Point) requires you
to:
v Set the Java Virtual Machine to enable or disable CRLDP
v Set the HTTP proxy host and port
Changing the Java Virtual Machine settings for CRLDP:
Chapter 5. Account administration tasks
51
Advertisement
Table of Contents
