Installation guide
Using Secure Sockets Layer (SSL) with an Agent
84 Sun ONE Identity Server Policy Agents 2.1 • Web Policy Agents Guide • September 2004
3. Once the configuration is complete, change to the directory
\Agent_Install_Dir\Apache\config\apache_80
4. Optionally, open the
AMAgent.properties
file and change the value of the
property
com.sun.am.logLevels
to
all:5
.
Before you modify any of the agent properties, refer to Appendix A,
“AMAgent Properties” on page 161 for more information.
5. Save the
AMAgent.properties
file.
6. Change to the directory where the Apache server was installed.
7. Restart the Apache 2.0.50 server.
8. Try accessing the web site (http://drake.red.iplanet.com). This link should
take you to the Identity Server login page. After a successful authentication, if
the policy is properly defined, the user should be able to view the resource.
If you want to view the agent log file
amAgent
, do so at the following location:
\Agent_Install_Dir\debug\apache_portnumber
where
portnumber
is the port number, such as 80, to which the agent is
configured.
Using Secure Sockets Layer (SSL) with an Agent
During installation, if you choose the HTTPS protocol, the agent is automatically
configured and ready to communicate over SSL.
NOTE
If your web server is running in SSL and notification is enabled, make sure that you
perform the following:
1. Add the server certificate’s root CA certificate to the Identity Server’s certificate
database.
2. Mark the CA root certificate as trusted to enable Identity Server to send
notifications to the agent successfully.
For more information on installing a trusted root CA certificate, refer to the
documentation for your web server.
NOTE
You should have a solid understanding of SSL concepts and the security
certificates required to enable communication over the HTTPS protocol. See the
documentation for Sun ONE Web Server at the following location on the Internet:
http://docs.sun.com/source/816-5682-10/esecurty.htm#1011961