When you install CA ControlMinder, you can configure it to use a third-party password-protected root certificate.
After you install CA ControlMinder, you use the root certificate to create CA ControlMinder server certificates. The server certificates encrypt and authenticate communication between CA ControlMinder components.
To configure CA ControlMinder to use a third-party password-protected root certificate, you must perform some additional steps when you use native packages to install CA ControlMinder, as follows:
ACInstallDir/bin/sechkey -e -sub -in /opt/CA/AccessControl/crypto/sub_cert_info -priv root_key_path -capwd password [-subpwd password]
Specifies the file that holds the private key for the root certificate.
Specifies the password for the private key of the root certificate.
Specifies the password for the private key of the server certificate.
ACInstallDir/bin/sechkey -g -verify
Specify this value if you want to enable both symmetric and SSL encryption. This value lets the computer communicate with all CA ControlMinder components.
Specify this value to enable SSL encryption only. This value lets the computer communicate with only the CA ControlMinder components that use SSL encryption.
CA ControlMinder starts and uses the CA ControlMinder server certificate to encrypt and authenticate communication.
Note: For more information about the sechkey utility, see the Reference Guide.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|