Configuring Unwired Server Administration Certificates

By default, Unwired Server includes two security profiles: "default" and "default_mutual." The "default" security profile uses the "sample1" certificate and the "default_mutual" security profile uses the "sample2" certificate. The certificate used by any other user-created security profiles is specified during security profile creation.

Prerequisites

Determine whether the SSL security profile for the secure management (IIOPS) port requires "default" or "default_mutual" authentication. If the security profile requires "default" authentication, the Sybase Control Center truststore should contain the Unwired Server certificate. If it requires "default_mutual" authentication, the Sybase Control Center and Unwired Server truststores should each contain a copy of the other's certificate.
By default, the keystore and truststore passwords are both "changeit". In a production deployment of Unwired Server, use the keytool utility to set new passwords for both of these files.

Task

These steps describe the basics of exporting and import a certificate. Use the same steps to import your certificate into Unwired Server and Sybase Control Center keystore.

Set up the certificates:
1. Add %JAVA_HOME% to your system path.
2. At a command prompt, change to <UnwiredPlatform_InstallDir>\Servers\UnwiredServer\Repository\Security.
3. Export the "default" security profile certificate sample1.crt from the Unwired Server keystore by running:
  
  keytool -keystore keystore.jks -storepass changeit -alias sample1 -exportcert -file sample1.crt
You can also create and import new certificates. For more information about how to generate a new keystore and truststore, see http://docs.sun.com/app/docs/doc/819-3658/ablrb?a=view.
Configure Sybase Control Center:
1. Open <UnwiredPlatform_InstallDir>\SCC-XX\services\Messaging\lib\eas\lib\Repository\Server\EmbeddedJMS\Instance\com\sybase\djc\server\ApplicationServer\EmbeddedJMS.properties.
2. Insert these values to the keystore and truststore files :
```
keyStore=<filePath>/<keyStoreName>.jks
keyStorePassword=<password>
trustStore=<filePath>/<trustStoreName>.jks
trustStorePassword=<password>
```
  Or, you can copy the Unwired Server keystore and truststore files and use them for Sybase Control Center instead.
3. Import sample1.crt into the Sybase Control Center keystore by running:
  
  keytool -keystore keystore.jks -storepass changeit -alias sample1 -importcert -file sample1.crt
If you are running multiple Unwired Servers as part of a clustered environment, ensure these changes are repeated on all nodes. If certificates are issued to a specific host, you must generate a new certificate for each node.

Next

Enable and configure the administration port to use the security profile in Sybase Control Center.