Manualshelf

Technical data

ManualsBrandsBEA ManualsComputer equipmentWebLogic Server 7
71727374757677787980
3 Node Manager
3-6 Administration Guide
Authentication requires use of the public key infrastructure. This includes a private key
as well as a certificate. The certificate typically contains the public key of the user and
is signed by the issuer of the certificate to authenticate the binding between the user
name and the enclosed public key.
Node Manager uses certificates in X509 format. The private keys used with Node
Manager conform to the Private Key Cryptography Standards (PKCS) #5 and #8.
PKCS #5 is an the password-based encryption standard and describes the method for
encrypting private keys with a password. PKCS #8 is the private key syntax standard
and specifies the characteristics of the private key.
The various pieces of the public key infrastructure used by Node Manager differ from
the format used by WebLogic Server digital certificates, which conform to an earlier
standard. The main differences are:
n Node Manager uses a single certificate file that contains the private key as well
as the certificate containing the public identity of the user.
n The private key used by the Node Manager must be password-protected, in
conformity with the PKCS #5/#8 standards.
A demonstration certificate for use with Node Manager is provided with the WebLogic
software. This is located at
/config/demo.crt. It is recommended that you get a
new certificate for a production environment.
The steps for setting up digital certificates for use with Node Manager are as follows:
Step 1: Obtain a Digital Certificate and Private Key
Use one of the following methods to obtain digital certificates for use with Node
Manager:
n Obtain a private key and X509-format digital certificates using the instructions
in Obtaining a Private Key and Digital Certificate in the Administration Guide.
If the private key is not in PKCS #5/#8 format, you will need to convert it using
the WebLogic Server key conversion tool, as described in Step 2. If you obtain a
private key in PKCS #5/#8 format, skip to Step 3: Merging the Certificates into
a Single Certificate File.
n Use the WebLogic Server certificate generator to generate certificates, then can
convert them for use with Node Manager.