Sun Java System Access Manager version 2005Q4  

Main Page

CertLogin Samples Readme File


CertLogin  SAMPLE_DIR on different Platforms :

The sample program in <SAMPLE_DIR> demonstrates how to use Remote Client API to authenticate to Certificate Authentication Module.
  

Running CertLogin Sample 

To Configure the Cert Sample one needs to do the following.

1. Turn on SSL on a port in the Web Server.
   1.1 Initialize Certificate database in Webserver.
   1.2 Request a server certificate.
   1.3 Install a server certificate.
   1.4 Install a trusted CA certificate.
   1.5 Turn the security "Enabled" on a new Listen Socket of webserver.
   1.6 Turn 'Client Authentication' as 'required' for that socket.
   1.7 save changes and restart the webserver.

2. Goto admin console and add a service in the platform services. Please give the above chosen SSL port number for this service.

3. Create a Module instance called 'Cert' in the root org.

4. Get a Client Certificate for the sample from CA. Install the client certificate on a database accessible to the sample. This can be done in many ways. One way is to install the certificate in a browser and use the browsers certificate database. One can also use certutil as metioned later in this document. Also, make sure that Certificate CN/UID/DN (whatever is configured in AM Cert module)is a valid user.

5. Make changes in the make file and run as per the api readme documentation.

6. Run the sample.


Using certutil for client certificate management:

     
   Certutil is a command-line utility that can create and modify cert7.db and key3.db database files. It can also list, generate, modify, or delete certificates within the cert7.db file and create or change the password, generate new public and private key pairs, display the contents of the key database, or delete key pairs within the key3.db file. The key and certificate management process generally begins with creating keys in the key database, then generating and managing certificates in the certificate database. For more information about this tool, please reference Using the Certificate Database Tool

For the details, please reference the Remote Client API Java Docs.