CA Service Desk Configuration › Verify the File Server Installation › Configure CAISDI/soap › (Optional) Set Up SSL

(Optional) Set Up SSL

(Optional) If you do not plan to use the Secured Socket Layer (SSL) for secured communications, skip this step.

If you plan to use SSL for secured communications (HTTPS) between the mainframe CAISDI soap server and the CA Service Desk Web Server, obtain an SSL certificate and install it on the CA Service Desk Web Server. (Follow the appropriate procedures for your particular Web Server software.) An exported copy of the certificate must then be accessible to the CAISDI/soap server in either of two methods:

• Store the certificate in an SAF keyring file that is controlled by your security system (CA Top Secret, CA ACF2, or IBM's RACF). The certificate is given a name that can be used by CAISDI/soap server to retrieve the certificate. For information about installing a certificate in a SAF keyring, see the appropriate SAF documentation.
• Store the certificate in an HFS key database. If you choose this method, you also need a “stash” file to contain the password to the key database. For information about installing a certificate in an HFS key database and stash file, see the IBM z/OS Manual System Secure Sockets Layer Programming.

The user ID associated with the CAISDI/soap server address space must have access to either the HFS files or the SAF keyring. The configuration file must be set up to identify either the HFS key database (and stash file) or the SAF keyring (Step 7 that follows).

This step is complete when the SSL certificate is installed and HFS keyring database or a SAF keyring authorization correctly configured.