Creating an RR Configuration File to Define Security Values
Create an RR configuration file to define the SSL security values specific to the Application Server Tier environment. The RR-config.xml configuration file should look as follows. Examine the RR-config.xml file; it contains at least the XML namespace used for providing uniquely named elements and attributes.
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
  <entry key="com.softwareag.centrasite.security.keyStore">C:/SoftwareAG/CentraSite/test/files/certs/castcert.p12</entry>
  <entry key="com.softwareag.centrasite.security.keyStorePassword">cscert</entry>
  <entry key="com.softwareag.centrasite.security.keyStoreType">PKCS12</entry>
  <entry key="com.softwareag.centrasite.security.trustStore">C:/SoftwareAG/CentraSite/test/files/certs/casttrust.p12</entry>
  <entry key="com.softwareag.centrasite.security.trustStorePassword">cscert</entry>
  <entry key="com.softwareag.centrasite.security.trustStoreType">PKCS12</entry>
  <entry key="com.softwareag.centrasite.security.crr.trustStore">C:/SoftwareAG/CentraSite/test/files/certs/crrtrust.pem</entry>
  <entry key="com.softwareag.centrasite.security.crr.certificate">C:/SoftwareAG/CentraSite/test/files/certs/crrcert.crt</entry>
  <entry key="com.softwareag.centrasite.security.crr.keyFile">C:/SoftwareAG/CentraSite/test/files/certs/crr.key</entry>
  <entry key="com.softwareag.centrasite.security.crr.storePassword">cscert</entry>
</properties>
The key and certificate files need to be in an OpenSSL-readable format. The CA file needs to be in PEM format.
Note that in the default configuration, the same CA certificate is used for both client and server certificates.
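A pre-deployment check for the file above, as an added example that is not part of the CentraSite documentation or tooling: it parses RR-config.xml, reports missing entries and missing files, flags passwords left at the value printed on this page, and checks that the CA file is PEM. The function names, the finding texts and the constructed sample are assumptions made for this illustration.

```python
import xml.etree.ElementTree as ET
from pathlib import Path

P = "com.softwareag.centrasite.security."
PATH_KEYS = ["keyStore", "trustStore", "crr.trustStore", "crr.certificate", "crr.keyFile"]
TYPE_KEYS = ["keyStoreType", "trustStoreType"]
PASSWORD_KEYS = ["keyStorePassword", "trustStorePassword", "crr.storePassword"]
PAGE_PASSWORD = "cscert"  # password value printed in the listing on this page

def load_entries(xml_text):
    """Return {key without prefix: value}; values wrapped onto a new line are trimmed."""
    root = ET.fromstring(xml_text)
    return {e.get("key", "").replace(P, "", 1): (e.text or "").strip()
            for e in root.iter("entry")}

def looks_like_pem(path):
    """True if the file starts with a PEM armor line (-----BEGIN ...)."""
    with open(path, "rb") as fh:
        return fh.read(64).lstrip().startswith(b"-----BEGIN ")

def lint(xml_text):
    """Return sorted (key, finding) tuples for the text of an RR-config.xml."""
    cfg, findings = load_entries(xml_text), []
    for key in PATH_KEYS + TYPE_KEYS + PASSWORD_KEYS:
        if not cfg.get(key):
            findings.append((key, "missing or empty"))
    for key in PATH_KEYS:
        if cfg.get(key) and not Path(cfg[key]).is_file():
            findings.append((key, "file not found"))
    for key in PASSWORD_KEYS:
        if cfg.get(key) == PAGE_PASSWORD:
            findings.append((key, "password copied from the documentation"))
    ca = cfg.get("crr.trustStore")
    if ca and Path(ca).is_file() and not looks_like_pem(ca):
        findings.append(("crr.trustStore", "CA file is not PEM"))
    return sorted(findings)

# Constructed sample: two entries only, so the other keys are reported as missing.
CONSTRUCTED_CONFIG = """<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
<entry key="com.softwareag.centrasite.security.keyStorePassword">
cscert</entry>
<entry key="com.softwareag.centrasite.security.keyStoreType">PKCS12</entry>
</properties>"""

if __name__ == "__main__":
    for key, finding in lint(CONSTRUCTED_CONFIG):
        print(f"{key}: {finding}")
```

Because the store passwords sit in this file as clear text, the file itself also needs restrictive file-system permissions; the check does not cover that.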
The server parameters can be changed with the command-line tool inoadmin.
The syntax for the command is:
inoadmin setproperty CentraSite <PropertyName> <PropertyValue> norestart
Example:
inoadmin setproperty CentraSite "SSL certificate file" "C:/SoftwareAG/CentraSite/files/certs/custom_cacert.pem" norestart