You can install multiple instances of CA AuthMinder Server. However, you can use the Administration Console to configure the connection details to only one of these instances. This configured instance obtains the data of other instances for performing multi-instance management and failover from one instance to other for operations such as, configuration creation and credential issuance performed using Administration Console.
Note: In most cases of single-system deployments, you do not need to configure the instance. The default values will work out-of-the-box.
When you configure the two-way SSL transport mode to connect CA AuthMinder Server instance in the WebFort Connectivity on the WebSphere application server, you get the error message, "SDK failed to initialize. Configuration is invalid". You must download the Unrestricted JCE policy files—local_policy.jar and US_export_policy.jar—from IBM website, and copy to the following locations:
Follow these steps:
Define the IP address of the system where you installed the required CA AuthMinder Server instance.
Note: Verify that the systems where you installed CA AuthMinder components are accessible to each other by their host name on the network.
Default: localhost
Define the port on which the Server Management web Service protocol service is exposed.
Note: This field is valid only for Server Management Web Services protocol because it has to fetch information about other CA AuthMinder instances.
Default: 9743
Specify the transport mode for the corresponding component (Server Management Web Services, Administration Web Services, Transaction Web Services, and Authentication Native) to connect to the specified CA AuthMinder Server instance.
The supported values are:
SSL(1-Way): One-way Secure Sockets Layer (SSL) is used to encrypt and decrypt data under transmission.
SSL(2-Way): Two-way SSL is used to encrypt and decrypt data under transmission.
TCP: Transmission Control Protocol (TCP) mode is used to encrypt and decrypt data under transmission.
Default: TCP
Upload the server certificate chain by using the respective Browse button in the corresponding field.
Note: This field is applicable if SSL(1-Way) or SSL(2-Way) is selected in the Transport field.
Upload the public and private key pair of the client certificate by using the respective Browse button in the corresponding field.
Note: This field is applicable if SSL(2-Way) is selected in the Transport field.
The password corresponding to the P12 file.
Note: This field is applicable if SSL(2-Way) is selected in the Transport field.
The maximum active connections that can be maintained between the client and the CA AuthMinder Server.
Default: 32
The maximum number of idle connections that can be maintained with the CA AuthMinder Server.
Default: 8
The maximum amount of time (in milliseconds) the client must wait (when there are no available connections) for a connection to become available, before timing out.
Default: -1
The minimum amount of time (in milliseconds) a connection might be idle in the pool before it is evicted by the idle connection evictor (if any).
Default: 300000
The amount of time (in milliseconds) to wait before checking the pool to evict the idle connections.
Default: 600000
The maximum amount of time (in milliseconds) before the CA AuthMinder Server is considered unreachable.
Default: 10000
The maximum amount of time (in milliseconds) allowed for a response from CA AuthMinder Server.
Default: 30000
Note: If you add a new CA AuthMinder Server instance, before proceeding with the instance-specific configurations, click Save on this page. This verifies that the Administration Console receives the details of the newly added instance and the instance management functions will work smoothly for the newly added instance.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|