If you use SSL encryption, you can use third-party root and server certificates to encrypt and authenticate communication between CA ControlMinder components.
You need the following files to use third-party root and server certificates:
If you use OU password-protected server certificates, you also need the password for the private key for the server certificate.
Note: Because the server certificates are already created, you do not need the private key for the root certificate.
To use third-party root and server certificates
Note: If you install the root certificate in a new directory, write CA ControlMinder FILE rules to protect the new directory.
Note: If you install the server certificate in a new directory, write CA ControlMinder FILE rules to protect the new directory.
Note: If you install the server key in a new directory, write CA ControlMinder FILE rules to protect the new directory.
Note: You cannot use password-protected certificates if CA ControlMinder is operating in FIPS-only mode.
sechkey -g -subpwd private_key_password
Note: You must have the ADMIN attribute to use sechkey.
sechkey -g -verify
If CA ControlMinder cannot open the key, repeat Step b and specify the correct password.
Note: For more information about the sechkey utility, see the Reference Guide.
SSL encryption is enabled.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|