Configuring listeners  Chapter 14: Managing Keys and Certificates

Chapter 13: Security Configuration Tasks

Configuring identities

Identities define a user name, password, and SSL session characteristics to be used by components or servlets that call other components. Identities are also used for inter-server authentication when propagating caller credentials in a call sequence that involves multiple servers. EAServer provides a System and Anonymous identity by default.

StepsDefining a new identity

  1. Highlight the Identities folder.

  2. Select File | New Identity. Follow the wizard screens to configure the properties.

StepsModifying or deleting an identity

  1. Expand the Identities folder and highlight the icon for the identity of interest.

  2. Choose one of the following:

Configuring identity properties

The Identity Properties dialog has these tabs:

Identity properties/basic

Enter the user name and password for inter-server connections made using the identity.

Identity properties/SSL

Settings on this tab specify whether connections made using the identity will use SSL and if so, the SSL session characteristics.

StepsConfiguring the SSL settings

  1. If SSL is not to be used at all, choose <none> for the security characteristic. Otherwise choose the characteristic that defines the required level of security. See Table 13-2 for descriptions of the security characteristics.

  2. Check Use Entrust if your site uses Entrust for SSL certificate management and you wish connections made with this identity to use an Entrust certificate.

  3. If the specified security characteristic requires mutual authentication, choose a client certificate.

NoteClient certificate field may require a password If you have not connected to the EAServer Manager | Certificates folder, you are prompted for the Sybase token PIN when you put the focus on the Certificate Label field. You must connect to EAServer Manager | Certificates folder or enter the correct PIN before you can view certificate names.

Identity properties/Entrust

If you enabled Entrust support in the SSL tab, the Entrust tab settings specify the Entrust certificate to be used.

StepsConfiguring the Entrust settings

  1. Browse to or type the path to the entrust.ini file (typically located in the Windows installation directory on Windows machines, and in the Entrust clients subdirectory on UNIX systems.

  2. Browse or type the path to the Entrust profile file (.epf extension) that defines the certificate to be used.

  3. Enter the password required to use the specified Entrust profile.

Copyright © 2005. Sybase Inc. All rights reserved. Chapter 14: Managing Keys and Certificates