Installation guide

Using Secure Sockets Layer (SSL) With an Agent

46 Sun ONE Identity Server Policy Agents 2.1 • Web Policy Agents Guide • April 2005

Deploying the Agent with Multiple Instances of

Sun ONE Identity Server

When you haveto install multipleinstances ofSunONE IdentityServer along with

the policy agents, it is recommended that you deploy all the instances of Sun ONE

Identity Server first and then install the agents as necessary. If you add another

instance of Identity Server after the agents have been installed, you must edit the

magnus.conf file of the new instance of Identity Server to remove the entries

corresponding to the installed agents. Then you can install an agent to protect this

instance, if necessary.

Using Secure Sockets Layer (SSL) With an Agent

During installation, if you choose the HTTPS protocol, the agent is automatically

configured and ready to communicate over SSL.

Configuring the IBM HTTP Server

Use the following instructions to configure the IBM HTTP Server to run in SSL

mode.

NOTE

Be sure to use the unconfig script to uninstall any agent that was installed using

the

config script—you cannot use the GUI installation program to uninstall

agents that were installed from the command line. The GUI uninstallation program

must be executed only after unconfiguring all the existing agents using the

command-line

unconfig script.

NOTE

Before proceeding with the following steps, ensure that the web server is

configured for SSL.

You should have a solid understanding of SSL concepts and the security

certificates required to enable communication over the HTTPS protocol. See the

documentation that comes with your web server. If you’re using Sun ONE Web

Server, you can access the documentation at:

http://docs.sun.com/source/816-5682-10/esecurty.htm#1011961