User guide

Constructing a Key Pair/Certificate Management Environment
14-11
Example
Register the site certificate and certification authority certificate with the certificate management file by
specifying them.
soapMngSecurity -import -f
certification_authority_certificate_storage_file_name
-p Interstage -alias cacert
soapMngSecurity -import -f site_certificate_storage_file_name -p
Interstage
-alias taro -own
Environment Construction when a Private-key is not Needed
To use the following functions in the Web service, it is not necessary to create a private-key and acquire
a site certificate from the certification authority. However, it is necessary to register the certification
authority certificates and site certificates of the communication parties that use the security function.
If the client is not to be authenticated in SSL communication.
SOAP digital signature verification.
Encryption using the XML encryption.
Creating and Setting a Certificate Management Environment
Use the XML encryption to create a certificate management environment required for the SSL-encrypted
communication, SOAP digital signature verification or encryption.
Create a directory in which the certificate management file (used to register and manage
certificates) will be placed.
Create a Web service security environment information file (the certificate management file) using
the soapSetSecurity (key pair/certificate management environment creation) command. How to
use the soapSetSecurity command depends on the certification authority to which the application
for a certificate is made.
The following shows some examples of using the soapSetSecurity command for each certification
authority to be used.
Example
If SystemWalker/PkiMGR is the certification authority:
Example 1.
Create a Web service security environment information file and the certificate management file in the
certificate management file creation directory by specifying the password for the certificate management
file access (Interstage). The installation directory of Interstage is assumed to be "C:\Interstage".
soapSetSecurity -noauth -f C:\Interstage\F3FMsoap\etc -p Interstage