By
default all other Unwired Platfrom listeners are encrypted using SSL. However, if you need to
modify this configuration, review these steps.
Changing Installed Certificates Used for Encryption
Unwired Server includes default certificates for all listeners. Since all installations use the same certificates by default, you must change these certificates with production-ready ones after you install Unwired Platform.
Defining Certificates for SSL Encryption
For the primary server, specify keystore and truststore certificates to be used for SSL encryption of Unwired Platform communication ports. All security profiles use the same keystore and truststore.
Creating an SSL Security Profile in Sybase Control Center
Security profiles define the security characteristics of a client/server session. Assign a security profile to a listener, which is configured as a port that accepts client connection requests of various protocols. Unwired Server uses multiple listeners. Clients that support the same characteristics can communicate to Unwired Server via the same port defined in the listener.
Enabling OCSP
(Optional) Enable OCSP (Online Certificate Status Protocol) to determine the status of a certificate used to authenticate a subject: current, expired, or unknown. OCSP configuration is enabled as part of server level SSL configuration. OCSP checking must be enabled if you are using the CertificateAuthenticationLoginModule and have set Enable revocation checking to true.