iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)
Integrating the WebSafe2 Internet Security
Processor (WISP)
iTP Secure WebServer System Administrator’s Guide—523346-002
5-17
Configuration and Version Requirements for SSL 3.0
Hardware Encryption
3. Store the leaf certificate, including the lines labeled
----- BEGIN CERTIFICATE ----- and ----- END CERTIFICATE -----,
in the designated certificate file (cert.txt in the example) using the keyadmin
command as shown in the following example:
keyadmin -websafeadd cert.txt -widconf widconf -kek_mfk31
kek_mfk31
4. Store the intermediate certificate, including the lines labeled
----- BEGIN CERTIFICATE ----- and ----- END CERTIFICATE -----,
in the designated intermediate certificate file (intermediate.txt in the
example) using the keyadmin command as shown in the following example:
keyadmin -websafeadd intermediate.txt -widconf widconf
-kek_mfk31 kek_mfk31
Configuration and Version Requirements for
SSL 3.0 Hardware Encryption
Observe the following requirements if you plan to use the SSL 3.0 hardware encryption
feature. You do not need to observe these requirements if you will be using SSL 2.0
services only or if you will be using SSL 3.0 software encryption only.
Obtaining a New Certificate
If you will be using SSL 3.0 features with your WISP, you need to obtain a new
certificate using the keyadmin utility. Atalla designed the new SSL commands with a
different key type than those used by other protocols. This design feature prevents
unauthorized retrieval of sensitive data in their clear text form by anyone using other
Atalla WebSafe commands.
Your new certificate can be used for both SSL 2.0 and SSL 3.0 sessions.
For information about generating and installing the new certificate, see Generating the
Public/Private Key Pair and Obtaining the Certificate on page 5-9.
Note. For a complete discussion of the keyadmin -websafeadd command, see Step 5.
Installing the Certificate on page 5-13.