iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)
Configuring for Secure Transport
iTP Secure WebServer System Administrator’s Guide—523346-002
4. Obtain a certificate for the public key part of the pair from a Certificate Authority
(CA) by e-mailing the certificate-request file to the CA. This procedure is described
in Requesting a Certificate on page 4-10.
5. Store the resulting public key certificate in the key database file by using the
keyadmin utility.
6. Make a new backup copy of the key database file once the certificate has been
added. Also, make a backup of the certificate itself.
Server Configuration
Once you have used the keyadmin utility for server configuration, complete the server
configuration by following these steps:
1. Specify the pathname of the key database file by using the KeyDatabase
configuration directive. Refer to KeyDatabase on page A-24 for information about
using this directive.
2. Specify the password for decrypting the key database file.
Using the ServerPassword directive, specify the password the server will use to
decrypt the data in the key database file. You can arrange for this password to be
obtained by:
• Specifying it directly in the configuration file.
• Reading it from a different file.
For an example of specifying the encryption password, see ServerPassword on
page A-67.
The password specified by the ServerPassword directive must agree with the
password used to encrypt the key database file, as specified through the keyadmin
utility.
3. Enable the server to use SSL and/or PCT.
Use the AcceptSecureTransport configuration directive to configure the server to
check for SSL and/or PCT connections. You must specify the distinguished name
(DN) of the certificate to use for the server by using the -cert option. In addition,
you can specify the following parameters:
• Transport name
• Host name, address, and port to use
• Whether the server checks for SSL, PCT, or both
• Whether the server requests or requires client authentication (or neither)
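
The following Python script is an added example, not code from this guide or from the product. It audits a configuration file for the three steps above: a KeyDatabase path, a ServerPassword, and an AcceptSecureTransport directive carrying -cert. It assumes one directive per line with # comments, and that a ServerPassword value beginning with $ or [ is obtained indirectly rather than written literally; the sample paths, password and DN are constructed placeholders.

```python
# Constructed sample; paths, password and DN are placeholders, not values from the guide.
SAMPLE_CONFIG = """\
# constructed sample configuration
KeyDatabase /example/conf/keys.db
ServerPassword example-password
AcceptSecureTransport -cert {CN=www.example.com, O=Example Corp, C=US}
"""


def parse_directives(text):
    """Map directive name -> list of argument strings (assumes one directive per line)."""
    found = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        found.setdefault(parts[0], []).append(parts[1].strip() if len(parts) > 1 else "")
    return found


def audit_secure_transport(text):
    """Return finding codes for the three configuration steps described above."""
    d = parse_directives(text)
    findings = []
    # Step 1: the key database pathname must be given.
    if not any(d.get("KeyDatabase", [])):
        findings.append("no-key-database")
    # Step 2: a password must be given; flag it when it is written in the file itself.
    passwords = d.get("ServerPassword", [])
    if not any(passwords):
        findings.append("no-server-password")
    # Assumption: a value that is not a $variable or [command] substitution is a literal.
    elif any(not p.startswith(("$", "[")) for p in passwords):
        findings.append("inline-password")
    # Step 3: secure transport must be enabled, and -cert is mandatory per the guide.
    transports = d.get("AcceptSecureTransport", [])
    if not transports:
        findings.append("no-secure-transport")
    elif any("-cert" not in t.split() for t in transports):
        findings.append("transport-without-cert")
    return findings


if __name__ == "__main__":
    for code in audit_secure_transport(SAMPLE_CONFIG):
        print(code)
```

An inline-password finding means that anyone able to read the configuration file can obtain the password that decrypts the key database, so that file's read permissions matter as much as those of the key database itself.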