How To: Configure the Security on the Application Server

HOW TO: Configure the Security on the Application Server (TEST Environment)


This step assumes that you have successfully installed the SKS server and its components, as well as installed the Symmetric Key Client Library (SKCL) . If not, please finish that before continuing with this step.

	1.	Using a browser, log into the Admin Server console using the Admin ID and password you chose during installation.
			If your ID and password were correct, you will see the Application Server's administrative interface.
	2.	Expand the Configuration link on the left-hand pane of the Admin Server.
	3.	Click on the Security, and a form will display on the right-hand pane.
	4.	On the form, in the field marked Default Realm, select Certificate from the list
	5.	Click on the Save button at the right top corner of the page.
	6.	Expand the HTTP Service link on the left-hand pane of the Admin Server.
	7.	Click on HTTP Listeners, and on the right-side the list of the listeners will be displayed.
	8.	Click on New button on the top-left corner of the page, and it brings the Create HTTP Listener from.
	9.	Fill in the following fields as given; substitute underlined responses with local values:
			Name: http-listener-ssl
			Listener: Check this value ON
			Security: Check this value ON
			Network Address: 0.0.0.0
			Listener Port: 1433 (if it is available and is not being used by any other application)
			Default Virtual Server: Select Server from the drop-down list
			Client Authentication: Check this value ON
			Certificate Nickname: sks2
			SSL3 Enabled: Check this value ON
			TLS Enabled: Check this value ON
			SSL3/TLS Ciphers: Check rsa_rc4_128_md5 and rsa_3des_sha ON
	10.	Click on OK button at the bottom-right corner of the page.
	11.	Go to a shell/command terminal and restart the Application Server using: asadmin stop-domain and then following it with asadmin start-domain domain1
	12.	On Linux, navigate to the /usr/local/sjsas82/domains/domain1/logs directory and type in the following in a shell window, to see the last few lines of the Application Server log. Keep this window open so the running log is visible to you through the remainder of steps of the installation/testing process: tail -f server.log
			If you see a message “Application server startup complete.”, at the end, everything is OK.