Sun Java System Identity Server version 2004Q2  

Main Page

CertLogin Samples Readme File

This file explains how to compile and run a sample CertLogin application for Solaris & Windows installations. Follow these steps to run the sample program.
 

Instructions for Solaris

  1. Set these environment variables. These environment variables will be used the run the make command. You can also set these variables in the Makefile. This Makefile is in the same directory as sample files.
      BASE_DIR - Set this variable to install directory
      CLASSPATH - Reference to all the jars found in directory <install-dir>/SUNWam/lib
      JAVA_HOME - Set this variable to  your installation of  JDK. It should be newer than JDK 1.3.1
      JSS_JAR_PATH - Set this variable to your installation of JSS
  2. Copy AMConfig.properties from IS server installation machine location <ISinstall-dir>/SUNWam/lib from the server machine to the client machine
  3. Keep am_services.jar, am_sdk.jar, jss3.jar, AMConfig.properties in your classpath on client machine. (Note: Include jaas.jar in your classpath if you are using JDK version less than JDK1.4)
  4. Go to the directory "<install-dir>/SUNWam/samples/authentication/api/Cert".  Run gmake
  5. Create directory locale and copy all the property files from IS server installation machine location <install-dir>/SUNWam/locale from the server machine to the client machine
  6. To run the sample program, execute gmake run DOMAIN="dc=example,dc=com" CERTNICKNAME="tester's cert" URL="dc=example,dc=com" PASSWORD=password
Your sample program should display "LOGIN SUCCESS" 

Instructions for Windows 2000

  1. Set these environment variables. These environment variables will be used the run the make command. You can also set these variables in the Makefile. This Makefile is in the same directory as sample files.
      BASE_DIR - Set this variable to install directory
      CLASSPATH - Reference to all the jars found in directory <install-dir>/SUNWam/lib
      JAVA_HOME - Set this variable to  your installation of  JDK. It should be newer than JDK 1.3.1
      JSS_JAR_PATH - Set this variable to your installation of JSS
  2. Copy /etc/opt/SUNWam/config/AMConfig.properties from IS server installation machine to the client machine.
  3. Keep am_services.jar, am_sdk.jar, jss3.jar, AMConfig.properties in your classpath on client machine. (Note: Include jaas.jar in your classpath if you are using JDK version less than JDK1.4)
  4. Go to the directory "<install-dir>/SUNWam/samples/authentication/api/Cert".  Run make
  5. Create directory locale and copy all the property files from IS server installation machine location <install-dir>/SUNWam/locale from the server machine to the client machine
  6. To run the sample program, execute make run DOMAIN="dc=example,dc=com" CERTNICKNAME="tester's cert" URL="dc=example,dc=com" PASSWORD=password

Your sample program should display "LOGIN SUCCESS" 

 

For SSL client auth setup

  1. Edit the following property in AMConfig.properties file
  2. Create or copy certificate database file to <ISinstall-dir>/SUN/IdentityServer6/Servers/alias
  3. Rename the file to have the prefix of https-machine1.red.iplanet.com-machine1-


Using certutil for client certificate management:
     
   Certutil is a command-line utility that can create and modify cert7.db and key3.db database files. It can also list, generate, modify, or delete certificates within the cert7.db file and create or change the password, generate new public and private key pairs, display the contents of the key database, or delete key pairs within the key3.db file. The key and certificate management process generally begins with creating keys in the key database, then generating and managing certificates in the certificate database. For more information about this tool, please reference Using the Certificate Database Tool

For the details, please reference the Remote Client API Java Docs.