Manualshelf

User guide

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE ENTERPRISE SERVER 6.0 - PROGRAMMER GUIDE TO SERVLETS
261262263264265266267268269270
Chapter 14: How to Prepare PKI Environment for Web Services (SOAP)
14-10
Root certificates issued by Japan Certification Services Inc.
SecureSign RootCA1
SecureSign RootCA2
SecureSign RootCA3
Acquiring Certificates From The Certification Authority
Creating a Certificate Signing Request
Create a certificate signing request (CSR) to make a request to the certification authority to issue a site
certificate. A CSR corresponding to a private-key can be created, after creating a public-key/private-key
pair using the soapSetSecurity (key pair/certificate management environment creation), by using the
soapMngSecurity (certificate management) command.
Example
soapMngSecurity -certreq -f certificate_application_storage_file_name -p
Interstage -alias taro
The password and alias specified as the options must be the same as those specified when a key
pair/certificate management environment is created using the soapSetSecurity command.
Requesting to Issue a Certificate
Send a certificate-signing request to the certification authority to make a request to issue a certification
authority certificate and a site certificate. Follow the procedure of each certification authority to make a
request for a certificate.
Acquiring a Certificate
Acquire a certificate signed by the certification authority. Follow the procedure of each certification
authority to acquire a certificate.
Note
If a certificate is to be used for the SOAP digital signature, the digital signature must be specified as the
usage of the public-key contained in the site certificate to be acquired from the certification authority.
Registering Certificates
Register the site certificates and certification authority certificates with the certificate management file.
Certificates in the format containing the site certificates and certification authority certificates (such as
PKCS#7), or containing only one site certificate or certification authority certificate can be registered
using the soapMngSecurity (certificate management) command.
Notes
The same certification authority certificates must be registered on all servers and clients linked for
communication using the security function of the Web service.
Before registering a site certificate, the certificate of the certification authority must be registered
using an alias. If the certification authority is an intermediate certification authority, registration of
the certificate must start from the root certification authority.