IBMpublib.boulder.ibm.com/tividd/td/PKI/SH09-4532-02/ko_KO/PDF/iausmst.pdf · Start_TA.sh v Windows...

IBM®

SecureWay®

Trust Authority

C:[ |. H;-

v| 3 1.: 1

SA30-0875-00

IBM

VG!

L $8 W vx &0; gkOb |! 123 dLvG :VGgW;! VB O] $8& P8JC@.

JG(1999b 10y)

L %: IBM SecureWay Trust Authority,ANW% 5648-D09, v| 3 1.: 1! {kGg, DSG! /0w mCOb |nv p

g DS 1.: W v$ v|! {kKOY.

© Copyright International Business Machines Corporation 1999b. All rights reserved.

qw

% . . . . . . . . . . . . . . . . v

&1e Trust Authority $8 . . . . . . 1

&2e 3d . . . . . . . . . . . . . 3

&3e f} . . . . . . . . . . . . . 5

Trust Authority |. . . . . . . . . . 5

Trust Authority O# /f . . . . . . 5

-v 8:dR C[ W _v . . . . . . 7

IniEditor& gkQ 8: DO /f . . . . 9

Trust Authority IP VR /f . . . . . 12

C:[ iw W 9x . . . . . . . . 13

WebSphere Application Server|. . . . 14

WebSphere Application ServersB !K 14

WebSphere Application ServerNW !K 15

HTTP Server|. . . . . . . . . . 16

HTTP ServersB !K . . . . . . . 16

HTTP ServerNW !K . . . . . . . 18

CA -v |. . . . . . . . . . . . 18

CA -v ;kZ w. /f . . . . . . 19

CA z5 #] /f . . . . . . . . 20

CRL 3$ /f . . . . . . . . . . 20

s# Nu; gkQ CA Nu d; . . . 22

h~ p(; gkQ CA Nu d; . . . 25

CA -v NW !K . . . . . . . . 28

CA -v sB !K . . . . . . . . 29

RA -v |. . . . . . . . . . . . 30

RA |.Z _! . . . . . . . . . 31

RA -v ;kZ w. /f . . . . . . 34

RA z5 #] /f . . . . . . . . 35

RA gC5 #] /f . . . . . . . . 35

RA -v NW !K . . . . . . . . 36

RA -v sB !K . . . . . . . . 36

p:d.MG kE; 'Q RA 3$ /f 38

(g -jC:[ |. . . . . . . . . . 39

(g 9Ze 8b . . . . . . . . . 40

(g 9Ze =v . . . . . . . . . 42

(g ,sLp.!- (g -v #:. L

' W w. /f . . . . . . . . . 42

(g ,sLp.NNMG L%. |[ f}

]f . . . . . . . . . . . . . 43

(g -v! ;k! gkOB w. /f . . 44

(g ,sLp.!- (g -vNG YNy

C5 /f . . . . . . . . . . . . 45

YNy C5 gLG #] /f . . . . . 46

NW 3$ /f . . . . . . . . . . 46

(g 8m- }: . . . . . . . . . 51

(g NW DO 88 W -m . . . . . 51

(g -v %LM#L: W 88 DOG +

a: !K . . . . . . . . . . . . 52

(g -vG sB !K . . . . . . . 55

(g -v NW !K . . . . . . . . 56

DB2 %LM#L: |.Z . . . . . . . 56

DB2 %LM#L: sB !K . . . . . 57

DB2 NW !K . . . . . . . . . . 60

p:d. -v |.. . . . . . . . . . 60

p:d. -v sB !K . . . . . . . 60

p:d. -v NW !K . . . . . . . 62

4758 O#- ZAN<- |. . . . . . . 62

&4e $8 . . . . . . . . . . . . 63

Trust Authority 8H . . . . . . . . . 63

W<: &n qO . . . . . . . . . . 63

Nu b| . . . . . . . . . . . . . 64

CA h~ . . . . . . . . . . . . 64

Nu .e . . . . . . . . . . . . 65

Nu kR qO . . . . . . . . . . 68

s# Nu . . . . . . . . . . . . 68

© Copyright IBM Corp. 1999b iii

Nu . . . . . . . . . . . . . . 69

pvP Nu . . . . . . . . . . . 69

8P L' . . . . . . . . . . . . 69

_`H Nu qO . . . . . . . . . 70

-m W -m /?: Ku . . . . . . 70

nO GQ . . . . . . . . . . . . . 71

RA |.Z . . . . . . . . . . . 71

nO 5^N . . . . . . . . . . . 71

4758 O#- ZAN<- . . . . . . . . 72

:6. +e . . . . . . . . . . . . 73

(g . . . . . . . . . . . . . . 73

(g 9Ze . . . . . . . . . . . 74

(g L%. . . . . . . . . . . . 74

(g L%. 6:) . . . . . . . . 75

'S k 1C{ (g L%.. . . . . . 75

+a: !K . . . . . . . . . . . 75

+a: @N . . . . . . . . . . . 75

(g NW 88 . . . . . . . . . . 76

DB2 %LM#L: . . . . . . . . . . 76

% -v . . . . . . . . . . . . . 76

IBM WebSphere Application Server . . 77

IBM HTTP Server . . . . . . . . 77

IP 0m v$. . . . . . . . . . . 77

p:d. -v . . . . . . . . . . . 78

@j'. D0Z. . . . . . . . . . . 78

&5e |6gW . . . . . . . . . . . 81

8: DO . . . . . . . . . . . . . 81

DO 3m . . . . . . . . . . . . 82

CA -v 8: DO . . . . . . . . 82

RA -v 8: DO . . . . . . . . 91

(g -v 8: DO . . . . . . . . 100

(g ,sLp. 8: DO

AuditClient.ini . . . . . . . . . 105

mI` /?.< . . . . . . . . . . 107

CA Nu /?.< . . . . . . . . 107

RA gkZ /?.< _! . . . . . . 109

(g 88 W -m /?.< . . . . . 110

(g +a: !K /?.< . . . . . . 111

(g L%. Je . . . . . . . . . . 113

(g L%.. . . . . . . . . . . . 113

(g %LM#L: %LM . . . . . . . 116

0 WLm . . . . . . . . . . . 117

L%. I"5 WLm . . . . . . . 117

L%. &n WLm . . . . . . . . 117

R: WLm. . . . . . . . . . . 118

BNH #<< WLm . . . . . . . 118

BNH *R WLm . . . . . . . . 119

5b^B #<< /| WLm . . . . . 119

8:dR /| WLm . . . . . . . 119

(g NW WLm . . . . . . . . . 120

C:[ WLm . . . . . . . . . . 121

.&! Xa. . . . . . . . . . . . 122

VGgW . . . . . . . . . . . . . 123

s% W -q: s% . . . . . . . . . 125

|C $8 . . . . . . . . . . . . 129

kn} . . . . . . . . . . . . . 131

vN . . . . . . . . . . . . . . 147

iv Trust Authority: C:[ |. H;-

%

1. Trust Authority 8: DO . . . . . 10

2. 3$ 6}gM |CH .#hGG

WebSphere Application ServerNW . 15

3. nO @kANW%z |CH .#hGG

WebSphere Application ServerNW . 15

4. 3$ 6}g |C .#hGG HTTP -

v NW. . . . . . . . . . . . 18

5. nO @kANW%z |CH .#hGG

HTTP serverNW . . . . . . . . 18

6. CA -v NW . . . . . . . . . 29

7. RA -v NW . . . . . . . . . 36

8. Trust Authority (g %LM#L: 8b

G - 3m . . . . . . . . . . 41

9. (g -v NW . . . . . . . . . 56

10. %LM#L: '! . . . . . . . . 56

11. p:d. -v NW . . . . . . . . 62

12. Nu .e . . . . . . . . . . . 65

13. IBM HTTP -vk 3--v, 3-w. p( 77

14. CA -v 8: DO . . . . . . . 83

15. RA -v 8: DO . . . . . . . 92

16. (g -v 8: DO . . . . . . . 102

17. (g ,sLp. 8: DO . . . . . 106

18. (g L%. Je . . . . . . . . 113

19. (g L%. . . . . . . . . . . 113

20. 0 WLm Je . . . . . . . . . 117

21. L%. I"5 WLm Je . . . . . 117

22. L%. &n WLm Je . . . . . 117

23. R: WLm Je . . . . . . . . 118

24. BNH #<< WLm Je . . . . . 118

25. BNH *R WLm Je . . . . . 119

26. 5b^B #<< /| WLm Je 119

27. 8:dR /| WLm Je . . . . . 119

28. (g NW WLm Je . . . . . . 120

29. C:[ WLm Je . . . . . . . 121

© Copyright IBM Corp. 1999b v

vi Trust Authority: C:[ |. H;-

&1e Trust Authority $8

IBM®

SecureWay®

Trust AuthorityB gkZ& NuOm EZ VB kE; 8

eOb 'Q v\L wTGn VB @kANW%; &xUOY.

v 6w8N O)] nO W Nu $%! {s pvP Nu; _` W |.R v

VT UOY.

v X.509k xk 0 ON86 v| 3(PKIX) W CDSA(Common Data Security

Architecture)O#- %X! kQ vx: x^Z s#6[!I:; &xUOY.

v pvP -m 8H ANd]: O*G .#hG; pg NP; NuOB f};

&xUOY.

v jslz W ,sLp. b; nO bI: VkG 6k:; &xUOY.

v O#-H kE W nO $8G 8H ze8N bP:L 8eKOY.

Trust Authority C:[: IBM AIX/6000®

W Microsoft Windows NT-v C

'{!- G`I v V@OY. )b!B Y=z 0: Vd bIL wTKOY.

v EZ Nu b|(CA)B pvP NuG O|Q sLAgL,; |.UOY. Nu

-& 8uOb 'X- CAB pvPN _`OB " Nu-! -mUOY. GQ

CRL(certificate revocation list)! -mO) Nu-! u Ls /?Ov JY

B gG; 8uOb5 UOY. _!N -mQ 0& 8#Ob 'X IBM

SecureWay 4758 PCIO#- ZAN<-M 0: O#- Oe~n& gkR v

V@OY.

v nO GQ(RA)B gkZ nO LDG |. [w; 3.UOY. RAB gkZ

G qnO: 0?; vxOB Nu8 N!^: gkZ!T _`J; 8uUO

Y. |. 8:)B Z?- AN<: GB gw! GQ Gga$; kX 3.R

v V@OY.

v % b; nO NMdL:B jslz, -v GB Y% q{(9& in,

VPN(virtual private network)e!, :6. +e W 8H |Z lm); 'Q

Nu; rb 1T X]OY.

© Copyright IBM Corp. 1999b 1

v O] gkZB Windows @kANW%, Trust Authority ,sLp.& kX %

jslz& gkOv Jm5 Nu; .8Om |.R v V@OY.

v N!^: nOZB % b; |. NMdL:, RA %:)>& kX nO d;

; BN GB ENOm NuL _`H D Nu; |.R v V@OY.

v (g -jC:[: " (g 9Ze! kQ ^Cv Nu Ze(MAC)& hjU

OY. (g %LM! (g %LM#L:! bOH D /fGE* h&Gi, MAC

& kX (T; KbR v V@OY.

v @kANW% 3_ZB $% "C.& kX nO AN<:& 6$R v V@O

Y.

v O#- #x! kQ kUH vx. kE; NuOb 'X YI Trust Authority

8:dR! xe }: 3Nk 0N -mKOY. 8H @j'.(0 W MAC)B

O#-Gn 8# 5* KeyStores! zeKOY.

v IBM SecureWayp:d.! kQ kUH vx. L p:d.B LDAP x@ |

DN kRH /? Nu! |Q $8& zeUOY.

v IBM WebSphere™

Application ServerW IBM HTTP -v! kQ kUH v

x. % -vB RA -vM [wO) ^Cv& O#-Om d;; NuOg N

u; G5Q vEZ!T |[UOY.

v award-winning IBM DB2®

Universal Database! kQ kUH vx.

2 Trust Authority: C:[ |. H;-

&2e 3d

L %!-B Trust Authority C:[; n5Om |.OB % JdQ $8& &

xUOY. L %! p^GB ;k: gkZ! Y=! kQ vDL* fh; !v

m VYm !$Q MTOY.

v AIX GB UNIX n5 C:[

v Windows NT n5 C:[

v C:[ F0X3

v W.v) |.

v %LM#L: |.

v % -v |.

v p:d. |.

5 dLvG :&3e f};!-B Trust Authority C:[G n5 W |. f}!

kQ \h{ $8& &xUOY. C:[ C[ W _v f}, O# /f f}, 8:

DO m}b gk f}, C:[ iw W 9x f}z C:[ 8:dRG |. f

}L L e!- R3I MTOY.

v IBM WebSphere Application Server

v IBM HTTP Server

v CA -v

v RA -v

v (g -jC:[

v IBM DB2 Universal Database (UDB)

v IBM SecureWayp:d.

v 4758 O#- ZAN<-

63 dLvG :&4e $8;!-B " ANC`n! CAvB V<! kX 8Y <

N{N $8& &xUOY.


81 dLvG :&5e |6gW;!B 8: DO E3/v, mI` /?.< 8. W

(g -jC:[! kQ %|DG $8! *M V@OY.


&3e f}

; e!-B IBM SecureWay Trust AuthorityW W 8:dR& |.OB f}

! kQ V&& YlOY.

Trust Authority |.

L }!-B Trust Authority C:[; |]{8N |.OB % gkR v VB

58 W AN<:& 3mUOY.

58 W AN<:B Y=z 0@OY.

v Trust Authority O# /f

v -v 8:dR C[ W _v

v 8: DO /f; 'Q IniEditor gk

v Trust Authority 8: NW !K

v Trust Authority IP VR /f

v C:[ iw W 98

Trust Authority O# /f

IBM Trust Authority!B O# /f /?.<! &xGn V@OY. L /?.<

& gkOi C:[ 8: _! 3$Q b; O#& /fR v V@OY. Jb C

:[ 8: D V> gkZ! C:[; gkR v V8Ai W |! VRQ Q x

: O#& /fX_ UOY. L O#i: Y= bIG 8:dR! kQ W<:&

&nUOY.

v 8H C[ ^?Or

&n ANW% O#& kX Xg bhG pg Trust Authority 8:dR& C

:[L Z?8N C[GE* KYnR v Vm, 8H C[ O#- 0! W<:

R v V@OY.

v 4758 CA ANDO


4758 CA ANDO O#B 4758 O#- ZAN<- CA ANDO! kQ W

<:& &nUOY.

v p:d.

p:d. |.Z O#B p:d.!- /fR v VB dR! kQ W<:& &

nUOY.

v (g -v

(g |.Z O#B (g NW W (g |. 58! kQ W<: GQ; &x

UOY.

O# /f /?.<& gkO) O#& /fOAi Y= \h& {#JC@.

1. Y= fN _ O*& gkO) Trust Authority bin p:d.N !JC@.

v AIX G fl, b; fN*: Y=z 0@OY.

/usr/lpp/iau/bin

v Windows NTG fl, b; fN*: Y=z 0@OY.

c:\Program Files\IBM\Trust Authority\bin

2. gkZ n5 <&! {s Y= mI _ O*& TBOJC@.

v AIX G fl, mInB Y=z 0@OY.

changePWD.sh

v Windows NTG fl, mI fNB Y=z 0@OY.

changePWD.bat

Y= ^:! *83OY.

------------- Change Trust Authority Passwords --------------Enter the option number for the component you want to change.You will be prompted to enter the current password and thenthe new password.--------------------------------------------------------------1) Control Program2) 4758 CA Profile3) Directory Administrator4) Audit Administrator5) QuitEnter Option:


3. IG TB Je! IG x#& TBO) /fOAB O#G IG; 1COJC

@.

4. ARA.! %CGi 1CQ IGG vg O#& TBOm .NOJC@.

V: 3=8N L 58& gkOB fl vg O#B 8:C O#TOY. &n

ANW%, 4758 CA ANDO W (g |.Z O#! kX Trust Authority

-v O#& vg O#N v$OJC@. p:d. |.Z O#! kX-B

8: _! [:H p:d. |.Z O#& vg O#N v$OJC@.

5. ARA.! %CGi 1CQ IG! gkR u O#& TBOm .NOJC@.

O#B 8Z LOLn_ UOY(4758 CA ANDO O#B $.w 8ZLn_

UOY).

/fL &kN OaGzBv )N& KAVB ^Cv! %CKOY.

AN<:! OaGi V ^:N G9F)OY.

-v 8:dR C[ W _v

IBM Trust AuthorityB Trust Authority &n ANW%Lsm OB H|Q Z?

C[ ^?Or; gkO) Xg bhG pg 8:dR& C[ GB _vUOY.

Trust Authority &n bI(x] bhG fl!B bh6Y O*? V=): Z<

G O#-/O# X6 0& !vm V8g, JdQ fl L 0& gkO) 8:d

R O#& O#-OE* X6UOY.

8:dR C[

Trust Authority 8:dR& C[OAi, Y= \h& {#JC@.

1. C:[; 3!Q gkZN- Trust Authority! NWNOJC@.

2. Y=; TBO) bin p:d.N L?OJC@.

v AIX & G`OB fl, b; fNB /usr/lpp/iau/binTOY.

v Windows NT& G`OB fl, b; fNB c:\Program Files\IBM\Trust

Authority\binTOY.

3. gkZ n5 <&! {s Y= mI _ O*& TBO) C:[; C[OJC

@.

v AIX G fl:

&3e f} 7

Start_TA.sh

v Windows NTG fl:

Start_TA.bat

ANW%L Y=z 0L @dUOY.

&n ANW% O#& TBOJC@. ==>

L &n ANW% O#B Trust Authority &n ANW% KeyStore!- O#

& X6OB % gkGB 0& W<:UOY.

4. &n ANW% O#& TBOJC@.

&n ANW%: 8: DO; Pn C[X_ OB 8:dR& G0UOY.

v C[X_ Og O*G O#& !vB " 8:dRG fl, ANW%L O#

& X6Om 8:dR& C[UOY.

v C[X_ Og O*G O#& !vv JB " 8:dRG fl, ANW%:

\v 8:dR& C[Ob8 UOY.

v 8:dR! LL G` _N fl!B Xg 8:dR& G` _N sBN S

OY.

8:dR _v

Trust Authority 8:dR& _vOAi, Y= \h& {#JC@.

1. C:[; 3!Q gkZN- Trust Authority! NWNOJC@.

2. Y=; TBO) bin p:d.N L?OJC@.

v .IX& G`OB fl, b; fNB /usr/lpp/iau/binTOY.

v Windows NT& G`OB fl, b; fNB c:\Program Files\IBM\Trust

Authority\binTOY.

3. gkZ n5 <&! {s Y= mI _ O*& TBO) C:[; C[OJC

@.

v AIX G fl:

Stop_TA.sh

v Windows NTG fl:

Stop_TA.bat


ANW%L Y=z 0L @dUOY.

&n ANW% O#& TBOJC@. ==>

&n ANW% O#! kX ANW%L ARA.& %CUOY. L O#B Trust

Authority &n ANW% KeyStore!- O#& X6OB % gkGB 0& W

<:UOY.

4. &n ANW% O#& TBOJC@.

&n ANW%: 8: DO; Pn _vX_ OB 8:dR& G0UOY.

v _vX_ OB " 8:dRG fl, ANW%L 8:dR& _vUOY.

v 8:dR! LL _vH fl!B ANW%L F+1 6!5 kOv J@O

Y.

IniEditor & gkQ 8: DO /f

L }!-B IniEditorsB 8: DO m}b& #bOm gkOB f}! kX 3

mUOY. IniEditor 58& gkOi IBM Trust AuthorityG 8: DON ""

G E3/v W =G; _!, w%L. W h&R v V@OY. L 58G m} J

e!B " E3/v! L'=*G V8N %CGGN gkZ! JdN OB E3

/v& 1T #F- m}R v V@OY. 8: E3/vG 3m W gk! kQ ;

k: 81 dLvG :8: DO;; |mOJC@.

V:

1. IniEditorB 8: DO; w%L.OB % gkOb 'X mHH \xQ m}

bTOY. L 58N %LMG /?: Ku; v`R vB x@OY.

2. DO 8# wx!- 8: DO; /fOb |!B Ws m}R 8: DO; i

wX u8JC@.

m}b G`

m}bB mI`!- C[R v V8g L ' m}OAB DO L': v$R v

5 Vm v$Ov J; v5 V@OY.

DO L'(9: myfile.ini); gkO) m}b& G`OAi Y= mI _ O*&

TBOJC@.

v AIX /fG fl!B mI`!- Y=; TBOJC@.

&3e f} 9

cd /usr/lpp/iau/binrun_IniEditor myfile.ini

v Windows NT /fG fl!B DOS mI`!- Y=; TBOJC@.

cd c:\Program Files\IBM\Trust Athority\binIniEditor myfile.ini

DO L'; gkOv Jm m}b& G`OAi Y= mI _ O*& TBOJC

@.

v AIX /fG fl!B mI`!- Y=; TBOJC@.

run_IniEditor

v Windows NT /fG fl!B DOS mI`!- Y=; TBOJC@.

IniEditor

DO L'; TBOv JB fl!B m}R DOL u DONv b8G DONv

& v$O5O OB ARA.! %CKOY. u DO; v$OB fl!B [:O

AB DOG /|; v$O5O OB ARA.! %CKOY. " DO /|6Y k

@OB .ini DO [C..! V8g L [C..B Xg /|; v$R ' Pn

iLT KOY. Y=: DO /|G IGTOY.

% 1. Trust Authority8: DO

AIX b; DO '! Windows NT b; DO '! 3m

/usr/lpp/iau/etc/TrustAuthority/

johahca.ini

c:\Program Files\IBM\Trust

Authority\etc\TrustAuthority\jonahca.ini

CA -v 8: DO. CA -v

G 8: /v& v$UOY.

b; n5 /! W ,a 3$

*; &nOAi L /v& /

fOi KOY.

/usr/lpp/iau/pkrf/Domains/

YourDomain/etc/johahra.ini

c:\Program Files\IBM\Trust Authority

\pkrf\Domains\YourDomain\etc\

jonahra.ini

RA -v 8: DO. RA -v

G 8: /v& v$UOY.

L /vB b; n5 W ,a

3$*; &xR S8 FOs

RA -vM p:d. -v #

G s#[k f}; &nR v

V5O UOY.


% 1. Trust Authority8: DO (hS)


/usr/lpp/iau/etc/AuditClient.ini c:\Program Files\IBM\Trust

Authority\etc\AuditClient.ini

(g ,sLp. 8: DO.

(g ,sLp.G 8: /v

& v$UOY. L /vB ,

a 3$*; &xOm, G&N

n2 (g L%.& [ER M

Nv& &nOB (g 6:)

& 6$R v V5O UOY.

/usr/lpp/iau/etc/TrustAuthority/

AuditServer.ini


Authority\etc\TrustAuthority\

AuditServer.ini

(g -v 8: DO. (g -

vG 8: /v& v$UOY.

(g -vG b; n5 /!

W ,a 3$*; g8:OA

i L /v& /fOi KO

Y. GQ pvW W @y ^C

v& bOOB f}; v$R

v5 V@OY. L /vi:

bOI L%.& &nOb5

UOY.

IniEditorB Trust Authority DOL sVOB p:d.& KvO) [C.. D

O; #@OY.

m}b gk

IniEditor& 8: DON NeOi b8G E3/v! -i ^J! .. 86N *

83OY. L 86!B DOG =Gz 0! wTKOY. =G; 1COAi =G L

'; )#JC@. =G; .eOAi uOb(+) b#& )#JC@. =G! 0! w

TGn VB fl!B E3/v L'=*G VL -i @%JG m} Je! *8

3OY.

E3/v m}: Y=G m} 8:)& v`R v V@OY.

v E3/v *; /fOAi m} JeG X:. '! Xg ;k; TBOJC@.

v /fgW; G`kROAi, m} → G`kR& 1COJC@.

v E3/v* =G; h&OAi h&R Wq; 1CQ D m} → h&& 1C

OJC@.

=G _!: .ini DO! =G; _!OAi Y= \h& {#JC@.

1. @j'. → u =G; 1COJC@.

&3e f} 11

u =G _! k-sZ! *83OY.

2. k-sZ!- =GG L'; v$OJC@.

3. .N; )#JC@.

.. 86G G F!! u =GL *83OY.

E3/v _!: .ini DOG =G! E3/v& _!OAi Y= \h& {#J

C@.

1. @j'. → u E3/v& 1COJC@.

u E3/v [: k-sZ! *83OY. )b!B eSYn ^:! wTGn

V8g, L ^:!- E3/v& _!OAB ks =G; 1CR v V@OY.

2. E3/v Je!- E3/vG L'; v$OJC@.

3. * Je!- E3/vG *; v$OJC@.

4. .N; )#JC@.

1CQ =G F!G .. 86M " @%JG m} Je! u E3/v! *

83OY.

DO ze: IniEditor!-B vgG .ini DO; zeOE* Y% L'; !x D

ON zeOE* ANW%; >aR v V@OY. DOL /fH fl!B /fg

WG ze )N& /B ARA.! %CKOY. ze IGz *((ze wT) IG

pN vg DO; .save& .eZN .B iw8N zeOm u DO; vg DO

L'8N bOUOY.

Trust Authority IP VR /f

Trust Authority C:[L \O #:.m; gkOB \O bh! 3!Gn 8:

H fl, Y= }w& gkO) Xg bhG IP VR& /fR v V@OY.

1. Trust Authority C:[; _vOJC@.

2. gkZ 6wG $%! {s bhG IP VR& /fOJC@.

3. bh& KYnQ D gC[OJC@.

4. Trust Authority C:[; C[OJC@.


L .-B Y_ bh GB Y_ #:.m IP VR* #:.m /fgW; wTO

B Y% C*.@! kX-B 3mOv J@OY. kNPG vg ANCz! kX

-B IBM SecureWay Trust Authority% gL.G sLj/. dLv& |6

OJC@.

C:[ iw W 9x

L }!-B IBM SecureWay Trust AuthorityG iw W 9x .&& YlOY.

L e: /w Y= .&& YlOY.

v Trust Authority %LM#L:G iw W 98& 'Q v'

v AIX W Windows NT n5 <& iw W 98

v IBM 4758 O#- ZAN<- 9&

AIX W Windows NT !-G iw W 9x

AIX & gkOg Windows NT& gkOg |hxL &kN Trust Authority&

iwOAi, Uz Y= x-N pg Trust Authority AN<:& C:[ >aX_

UOY.

1. Trust Authority

2. DB2 %LM#L:

LB gkOAB iw! |hxL v`X_ UOY. p:d. -vM DB2B q?

b 2b& gkOg L/Q AN<:! O|OT C:[ >aGv J: fl!B

^p. v[G %LM! C:[ iwC p:)! bOHYm 8eR v x@OY.

C:[L \O gkZ /v8v pe! !novO iw; u _ v`KOY. Trust

AuthorityG _v W C[! kQ Z<Q ;k: 7 dLvG :-v 8:dR C

[ W _v;& |6OJC@. %LM#L: _v W C[! kX-B IBM DB2

Universal DatabasemIn |6-, v| 5.2& |6OJC@.

iw /?.<! kX- IBM: Y=; GeUOY.

v AIX G fl, ;e iw /?.< mksysbM savevg GB ADSM(Y% IBM

&0); gkOJC@. mksysbW savevg/?.<& gkOB fl CY% A

NCz! kX AIX .-& |6OJC@. ADSM; gkOB fl!B L .

-& mksysbM T2 gkOJC@.

&3e f} 13

v Windows NTG fl, C:[ |<& 98R v VB C:[ LLv& [:O

B aftermarket/?.<& gkOJC@. ADSM; gkOB fl!B C:[

LLv /?.<M T2 gkOJC@.

gkZ! 1CQ iw /?.<! {}Q 9x ANCz! {#JC@.

4758 O#- ZAN<- 9&

4758 O#- ZAN<-& iwOAi, Trust Authority C:[; 3!Q bhG

6:M 0& 05G bh! 9&X_ UOY. Y= '!! VB IBM SecureWay

Trust Authority % gL.G sLj/. dLv!- L& v`OB ANCz& #

; v V@OY.

http://www.ibm.com/software/security/trust/library

WebSphere Application Server |.

IBM WebSphereB 6wG m:I % gL. 3_ W |.& =b 'Q RA.

~n &0:TOY. WebSphere Application ServerM IBM HTTP ServerB Trust

Authority!- % -v! bIOb 'Q ON86& &xUOY.

WebSphere Application Server sB !K

gkZ /f! {s, Y=z 0: ANCz <. _ O*& v`O) WebSphere

Application ServerG sB& !KR v V@OY.

v AIX G fl:

1. rootN AIX ! NWNOJC@.

2. AN<: %& !KOm Y=; #8JC@.

OutofProcEngine

L AN<:& |6OB fl, 3 \hN !JC@ L AN<:! x8i 1

22 dLvG :.&! Xa;! *M VB v'; |6OJC@.

3. WebSphere|. dLv! W<:Om -vG sB& G0OB f}! k

X-B WebSphere.-& |6OJC@.

v Windows NTG fl:

1. C:[ |.ZN Windows NT!- NWNOJC@.


2. Ctrl , Alt W Delete 0& -/ [w |.Z& C[OJC@.

3. AN<: G; 1COJC@.

4. {n5 Q3 LsG java.exeAN<: N:O:& #8JC@.

L AN<:& |6OB fl, 5 \hN !JC@. L AN<:! x8i 1

22 dLvG :.&! Xa;! *M VB v'; |6OJC@.

5. WebSphere|. dLv! W<:Om -vG sB& G0OB f}! k

X-B WebSphere.-& |6OJC@.

WebSphere Application Server NW !K

18 dLvG %5! %CH '!!- IBM Trust Authority 3$ 6}g#G .#

hG; bOQ NW& !KR v V@OY.

% 2. 3$ 6}gM |CH .#hGG WebSphere Application ServerNW

AIX b; DO '! Windows NT b; DO '! V.

/usr/lpp/iau/etc/logs/jvm_stderr.log c:\Program Files\IBM\Trust

Authority\etc\logs\jvm_stderr.log

Java !s bh(JVM)G

%X @y bB

/usr/lpp/iau/etc/logs/jvm_stdout.log c:\Program Files\IBM\Trust

Authority\etc\logs\jvm_stdout.log

JVMG %X bB

%3! %CH '!!- WebSphere Application ServerM gkZ nO @kAN

W%#G .#hG; bOQ NW& !KR v V@OY.

% 3. nO @kANW%z |CH .#hGG WebSphere Application ServerNW


/usr/lpp/iau/pkrf/Domains/YourDomain

/etc/logs/jvm_stderr.log


Authority\pkrf\Domains\YourDomain\

etc\logs\jvm_stderr.log

Java !s bh(JVM)G

%X @y bB


/etc/logs/jvm_stdout.log


Authority\pkrf\Domains\YourDomain\

etc\logs\jvm_stdout.log

JVMG %X bB


/logs/hostname_ssl-port-ssl-error.log


Authority\pkrf\Domains\YourDomain

\logs\hostname_ssl-port-ssl-error.log

8H HTTP ,a; k

Q .#hG8NNMG

@y ^Cv. ,sLp.

Nu W q,sLp.

Nu _ O*TOY.

&3e f} 15

% 3. nO @kANW%z |CH .#hGG WebSphere Application ServerNW (hS)



/logs/hostnameerror.log


Authority\pkrf\Domains\YourDomain

\logs\hostname_public-porterror.log

xk HTTP ,a; k

Q .#hG8NNMG

@y ^Cv.

HTTP Server |.

IBM HTTP ServerB jslz W Y% ANW%z T2 % b] kE; 3.O

B % -v &0TOY. HTTPD(HTTP pU)B HTTP ServerG __{ *R;

OB 5S{ AN<:TOY. Trust AuthorityB )/ HTTP pU; |3UOY.

L/Q HTTP pU N:O:B xkG O#-H ,sLp. Nu W O#- ,a

; 3.UOY. )/ Y% /|G .#hG; 3.Ob 'X Trust Authority! g

kGB )/ /|G ,az % -v! kX Z<w KAi 76 dLvG :% -v;

;k; |6OJC@.

HTTP Server sB !K

gkZ /f! {s, Y=z 0: ANCz <. _ O*& v`O) HTTP -v

G sB& !KR v V@OY.

v AIX G fl:


2. AN<: %& !KOm Li AN<: N:O:& #8JC@.

– 1 of sidd

– 2 of httpd

L/Q < 3G AN<: pN& 8TGi 3 ;k8N !JC@. L/Q <

3G N:O: pN! x8i 122 dLvG :.&! Xa;! *M VB v

'; |6OJC@.

3. Y= b; fN! VB bin p:d.N !JC@.

/usr/lpp/iau/bin

4. " w.! kX L mI; TBO) w.& !KOJC@.

checkSrvPortStatus -p port -s server -r1 -w1


)b- portB !KOAB w.G x#Lm serverB WM ,|H HTTP -

vG L'TOY. 77 dLvG %13! Trust Authority b; HTTP -v

M w. 8:G d`L *M V@OY.

!K _N w.! $:{8N @dOB fl C:[: Y= ^Cv& %C

UOY.

w.:-v! VB w.! YNeKOY.

)b- portB !K _N w.Lm serverB Xg -vG L'TOY.

v Windows NTG fl:



3. AN<: G; 1COJC@.

4. Apache.exeAN<:G N !v N:O:& #8JC@.

Li N AN<:& 8TGi 5 ;k8N !JC@. L/Q N 3G N:O

: pN! x8i 122 dLvG :.&! Xa;! *M VB v'; |6O

JC@.

5. MS DOS ARA.!- Y= b; fN& .B bin p:d.N !JC@.


6. " w.! kX L mI; TBO) w.& !KOJC@.

checkSrvPortStatus -p port -s server -r1 -w1

)b- portB !KOAB w.G x#Lm serverB WM ,|H HTTP -

vG L'TOY. 77 dLvG %13! Trust Authority b; HTTP -v

M w. 8:G d`L *M V@OY.

!K _N w.! $:{8N @dOB fl C:[: Y= ^Cv& %C

UOY.

w.:-v! VB w.! YNeKOY.

)b- portB !K _N w.Lm serverB Xg -vG L'TOY.

&3e f} 17

HTTP Server NW !K

%4! %CH '!!- IBM HTTP -vM Trust Authority 3$ 6}g#G .

#hG; bOQ NW& !KR v V@OY.

% 4. 3$ 6}g |C .#hGG HTTP -v NW


/usr/lpp/iau/logs/oop_native.log.ERROR c:\Program Files\IBM\Trust

Authority\logs\oop_native.log.ERROR

AN<: \N #xG

xC Ze NP!- *

B @y ^Cv

/usr/lpp/iau/logs/ oop_native.log.INFORM c:\Program Files\IBM\Trust

Authority\logs\ oop_native.log.INFORM

AN<: \N #xG

xC Ze NP!- *

B $8 ^Cv

/usr/lpp/iau/logs/ oop_native.log.

WARNING


Authority\logs\ oop_native.log.WARNING

AN<: \N #xG

xC Ze NP!- *

B fm ^Cv

%5! %CH '!!- IBM HTTP -vM nO @kANW%#G .#hG; b

OQ NW& !KR v V@OY.

% 5. nO @kANW%z |CH .#hGG HTTP serverNW


usr/lpp/iau/pkrf/Domain/YourDomain

/logs/apache.log.ERROR.PID


Authority\Domains\YourDomain

\logs\apache.log.ERROR.PID

IBM HTTP Server @

y ^Cv.


/logs/apache.log.INFORM.PID



\logs\apache.log.INFORM.PID

IBM HTTP Server $

8 ^Cv.


/logs/apache.log.TRACE.PID



\logs\apache.log.TRACE.PID

IBM HTTP Server!

GX _{ NW.

CA -v |.

L }!-B Trust Authority CA -vG n5 W |. ANC`n& 3mUOY.

CA -vB Trust Authority CAG -vx 8:)& 3.UOY. L -vB DB2

%LM#L: N:O:M T2 NC GB x] bh _ O*! sVUOY.

Y=: CA -v& |.Ob 'X v`X_ OB 8:)TOY.


v IniEditor& gkO) jonahca.ini 8: DO; /fOJC@.

– CA! ;kOB TCP w.& /fOJC@.

– PKIX ^Cv! kQ z5 #]; /fOJC@.

– CRL 3$; /fOJC@.

v s# Nu W CA h~! kX CA Nu /?.<& gkOJC@.

v CA -v NW& !KOJC@.

v CA -v sB& !KOJC@.

CA -v ;kZ w. /f

CA -v .:J w.B CA! PKIX ^Cv& ;kOB '!TOY. L w.G

*; /fOAi Y= \h& {sJC@.

1. C:[ |.ZN- n5 C:[G NWNOJC@.

2. Trust Authority C:[; _vOJC@. JdR fl 7 dLvG :-v 8

:dR C[ W _v;! *M VB C:[ _v W C[! kQ v'; |6

OJC@.

3. IniEditor& C[Om jonahca.ini 8: DO; NeOJC@. JdR fl 9

dLvG :IniEditor& gkQ 8: DO /f;! *M VB IniEditor C[

W gk! kQ v'; |6OJC@. AIX W Windows NT DO '!! k

X-B 10 dLvG %1; |6OJC@.

4. |[ =G; 1CO) .eOm TCPPort E3/v& 1COJC@.

5. %CH m} Je!- w. x#G *; /fOJC@.

6. DO; zeOm ANW%; >aOJC@.

7. IniEditor& gC[Om jonahra.ini 8: DO; NeOJC@(L DO: g

kZ 3!! {s NC GB x] bh! V; v V@OY).

8. URL =G; 1COJC@.

9. %CH m} Je!- w. x#G *; /fOJC@.

10. O] =G; 1CO) .eOm Issuer1URL1 E3/v& 1COJC@.

11. %CH m} Je!- w. x#G *; /fOJC@.


&3e f} 19


CA z5 #] /f

CA z5 #]: CA -v! GQ [we' %G z. gL #](J(s), P(m) G

B C(h) \')TOY. [wv$ C#L fzH %G dRi: 3.& 'X [wv

$KOY. z5 #]; /fOAi, Y= \h& {#JC@.


2. Trust Authority C:[; _vOJC@. JdR fl 7 dLvG :-v 8:

dR C[ W _v;! *M VB C:[ _v W C[! kQ v'; |6O

JC@.

3. IniEditor& C[Om jonahca.ini8: DO; NeOJC@. JdR fl 9 d

LvG :IniEditor& gkQ 8: DO /f;! *M VB IniEditor C[ W

gk! kQ v'; |6OJC@. AIX W Windows NT DO '!! kX

-B 10 dLvG %1; |6OJC@.

4. |[ =G; 1CO) .eOm PollInterval E3/v& 1COJC@.

5. %CH m} Je!- z5 #]G *; /fOJC@.



CRL 3$ /f

CRL(Nu kR qO)Lu CA! kRQ NuG qO8N- pvP -m W C#

RNL {kH qO; ;UOY. CRL 3. f}! 5b; L!b 'X CA -v

8: DO!- Y= *; /fR v V@OY.

v :IYH CRL [: gLG C#

v CRLG vm

CRL [: gL! ckGB C# /f

:IYH CRL _} gL! ckGB C#! kX Nu W s# Nu $%; /

fOAi Y= \h& v`OJC@.





JC@.




-B 10 dLvG %1; |6OJC@.

4. CertPolicy =G; 1CO) .eOm TimeBetweenCRLs E3/v& 1C

OJC@.

5. %CH m} Je!- uNn CRL [: gLG C# *; /fOJC@.

L *: P(m), C(h) GB O(d) \'G #]L KOY. 9& in, 1d. L

*: CRL vSb# *8Y [F_ UOY.

6. CrossCertPolicy =G; 1CO) .eOm TimeBetweenCRLs E3/v&

1COJC@.

7. %CH m} Je!- uNn CRL [: gLG C# *; /fOJC@.

L *: P(m), C(h) GB O(d) \'G #]L KOY. 9& in, 1d. L

*: CRL vSb# *8Y [F_ UOY.



CRL vm /f

CRLG vSb# GB sLAgL,! kX Nu W s# Nu $%; /fOA

i Y= \h& v`OJC@.




JC@.




-B 10 dLvG %1; |6OJC@.

&3e f} 21

4. CertPolicy =G; 1CO) .eOm CRLDuration E3/v& 1COJC

@.

5. %CH m} Je!- CRLG /? b# *; /fOJC@. L *: P(m),

C(h) GB O(d) \'G #]L KOY. 9& in, 2d.

6. CrossCertPolicy =G; 1CO) .eOm CRLDuration E3/v& 1C

OJC@.

7. %CH m} Je!- CRLG /? b# *; /fOJC@. L *: C, P

GB O \'G #]L KOY. 9& in, 2d.



s# Nu; gkQ CA Nu d;

s# Nu EZ p(; gkO) Trust Authority CA& kEOB Y% CA!-

CA Nu; d;R v V@OY. s# Nu: Y% Nu; Nu uEN vkO5

O ?GOb 'X -N EZOB CA& ckUOY. s# Nu: CAi gL!-

gfb8N Lgnz v VB ]i, Trust Authority!-B \fb s# Nu d

;8 vxKOY.

Trust Authority CA Nu /?.<& gkO) Y% CAM s# Nu; vÙ

OY. L /?.<B mI` 58TOY. L 58& C[R 'B %X L' &`

Nu .e; YA8N Q IG; v$X_ UOY. R.Z IG: ckH -j.

. qO! wTGB gW; v$UOY. k.Z IG: &\H -j.. qO! w

TGB gW; v$UOY. O]{8N &\H -j..B ckGB -j.. qO

5 v$GB VR /|! kX-8 v$KOY.

Y= }!B s# Nu p(; gkOB CA Nu; .8Ob 'X v`X_ O

B \hM 9&! *M V@OY.

s# Nu \h

s# Nu p(; gkOB CA Nu; d;OAi Y= \h& {#JC@.

1. s# Nu; d;OB CA kE, gkZ H;-!- %; gkO) nOOB

% kQ v'! {s Y= \h& vÒJC@.

a. Xg d;L CA! kQ MS; v$O) g|nO; vÒJC@.


b. nO d; sB& !KOJC@.

c. ; }G !! VB V! {s g|nO DO; zeOJC@.

2. g|nO DO; s# Nu; d;OB CA! VB bhN |[OJC@.

3. s# Nu; d;OB CA! VB bh! C:[; 3!Q gkZN- Trust

Authority! NWNOJC@.

4. AIXG fl mI`!- CaCertRqmI; G`Om Windows NTG fl DOS

ARA.!- G`OJC@.

CaCertRqmI; v`R ', g|nO DOG }k fNM L'; &xX_

UOY. mI 8. W mIG E3/v 3m! kQ ;k: 107 dLvG :CA

Nu /?.<;& |mOJC@.

IP VR 6:) v$

NuG /?:; gkZ 8g!- gkOB IP VR |'N &QOB s# NuH

CA Nu; d;R v V@OY.

Y=G 9!-, n5 C:[L AIX N fl, gkZG 8g! gkOB IP VRG

|'B 9.0.0.0NM 9.255.255.254nvLg, g|nO fN W DO L':

/tmp/ccprereg.regLm O#B Secure99TOY. L mI: v$H VR |'& c

kH -j.. qO! '!C5OY.

CaCertRq -i 9.0.0.0/255.0.0.0 -r /tmp/ccprereg.reg -P 1835 Secure99

DNS VR v$

NuG /?: Ku; DNS VR Wl8N &QOB s# 8u CA Nu; d;

R v V@OY.

Y= 9&!-B Windows NT& G` _Lm Trust Authority CA #:.B

.companyA.com8N !*B DNS VR& !}OY. L mI: v$H DNS V

R& ckH -j.. qO! '!C5OY.

CaCertRq -d .companyA.com -r c:\temp\ccprereg.reg -P 1835 Secure99

V: DNS VR! 6'%N C[OB fl!B Xg NS .Z-(″.″ wT)N !*

B pg #:.! -j.. qO! '!UOY. DNS VR! 6'%N C[O

v JB fl!B Xg .Z-z O!OB #:.8; *8;B MTOY.

&3e f} 23

9 & i n , & Q 6 G ″ . companyA.com″ : us .companyA.com,

vnet.companyA.comW w3.software.companyA.comzB O!O*

companyA.com(kidcompanyA.com)Z<MB O!Ov J@OY. &Q6G

companyA.com: companyA.comzB O!O* us.companyA.comzB O

!Ov J@OY. L/Q -j..(″.″N C[Ov JB -j..)B O*G !

IQ ke8; *8@OY. ″.″N C[Ov JB m<B &\GB -j..!

VN /kUOY.

|Z lm VR v$

NuG /?: Ku; |Z lm VR Wl8N &QOB s# 8u CA Nu;

d;R v V@OY.

Y= 9&!-B Windows NT& G` _Lm pg Trust Authority CA #:.

! .us.companyA.com8N !*B |Z lm VR& !vg g|nO fNM D

O L': a:\ccprereg.regLm O#B Secure99TOY. L mI: v$H |Z l

m VR& ckH -j.. qO! '!C5OY.

CaCertRq -m .us.companyA.com -r a:\ccprereg.reg -P 1835 Secure99

NuG /?: Ku; |Z lm VR Wl;G O*& &\Q pg VRN &Q

OB s# NuH CA Nu; d;R v V@OY.

Y= 9&!-B Windows NT& G` _Lm Trust Authority CA #:.! |

Z lm VR outCA.us.companyA.com; !vg g|nO fN W DO L':

a:\ccprereg.regLm O#B Secure99TOY. L mI: v$H |Z lm VR&

&\H -j.. qO! '!C5OY.

CaCertRq -m .us.companyA.com -M outCA.us.companyA.com -r a:\ccprereg.reg -P 1835Secure99

URI v$

NuG /?: Ku; UO Zx D0Z(URI, URLL !e O]{N O'}UN

D0Z |V) Wl8N &QOB s# NuH CA Nu; d;R v V@OY.


Y= 9&!-B AIX & G` _Lm pg Trust Authority CA #:.! .xyz.com

8N !*B #:. L'; !vg g|nO fNM DO L': /tmp/ccprereg.reg

Lm O#B Secure99TOY. L mI: v$H URI& ckH -j.. qO!

'!C5OY.

CaCertRq -u .xyz.com -r /tmp/ccprereg.reg -P 1835 Secure99

V: URIG ke NP(.. 86!- %LMG O' WqG Yxv): IP VR!

wTGn Vv JB Q 23 dLvG :DNS VR v$;!- 3mQ Mz ?O

Q T"; {s_ UOY. L fl $.w O!X_ UOY.

p:d. Wq v$

NuG /?: Ku; ?OQ RDN(sk{ 80 L'); !vB p:d. Wq W

l8N &QOB s# NuH CA Nu; d;R v V@OY.

Y= 9&!-B AIX & G` _Lm pg Trust Authority CA #:.! &xH

RDNz O!OB RDN, /C=US/O=companyA/OU=departmentB& !vg g|

nO fNM DO L': /tmp/ccprereg.regLm O#B Secure99TOY. L mI

: v$H RDN& ckH -j.. qO! '!C5OY.

CaCertRq -n "/C=US/O=companyA/OU=departmentB" -r /tmp/ccprereg.reg -P 1835Secure99

h~ p(; gkQ CA Nu d;

h~ EZ p(; gkO) Y% CANNM CA Nu; d;R v V@OY. L

B 9& in gkZ gL.G )/ w! Trust Authority! 3!Gn Vm CA

#! EZ h~; 3$OAB fl v`R v V@OY. CAB h~!- W '!

VB CA& EZOm NuG uEN- Xg CAG Nu; vkUOY.

CA h~; 3$OAi Trust Authority CA Nu mI` /?.<& gkOJC

@. L 58& gkR 'B %X L' &Q6G Nu .e! kX VRQ O*G

IG; v$X_ UOY(Nu .e! kX-B 65 dLvG :Nu .e; |6). R

.Z IG: ckH -j.. qO! wTGB gW; v$UOY. k.Z IG:

&\H -j.. qO! wTGB gW; v$UOY. O]{8N &\H -j..

B ckGB -j.. qO5 v$GB VR /|! kX-8 v$KOY.

&3e f} 25

Y= }!B h~ p(; gkOB CA Nu; .8Ob 'X v`X_ OB \

hM 9&! *M V@OY.

h~; gkQ CA Nu d; \h

h~ p(; gkQ CA Nu; d;OAi Y= \h& {#JC@.

1. s# Nu; d;OB CA kE, gkZ H;-!- %; gkO) nOOB

% kQ v'! {s Y= \h& vÒJC@.

a. Xg d;L CA! kQ MS; v$O) g|nO; vÒJC@.

b. nO d; sB& !KOJC@.

c. ; }G !! VB V! {s g|nO DO; zeOJC@.

2. g|nO DO; h~ b; CA Nu; d;OB CA! bhN |[OJC@.

3. Nu; d;OB CA! VB bh! C:[; 3!Q gkZN- Trust

Authority! NWNOJC@.

4. AIXG fl mI`!- CaCertRqmI; GÒm Windows NTG fl DOS

ARA.!- GÒJC@.

CaCertRqmI; v`R ', g|nO DOG }k fNM L'; &xX_

UOY. mI 8. W mIG E3/v 3m! kQ ;k: 107 dLvG :CA

Nu /?.<;& |mOJC@.

IP VR 6:) v$

Y% CAG CA h~; hBOm NuG /?: Ku; gkZG 8g! gkO

B IP VR Wl8N &QOB CA Nu; d;R v V@OY.

Y=G 9!- n5 C:[L AIX N fl, gkZG 8g! gkOB IP VRG

|'B 9.0.0.0NM 9.255.255.254nvLg, g|nO fN W DO L':

/tmp/ccprereg.regLm O#B Secure99TOY. L mI: v$H VR |'& c

kH -j.. qO! '!C5OY.

CaCertRq -i 9.0.0.0/255.0.0.0 -h -r /tmp/ccprereg.reg -P 1835 Secure99

DNS VR v$

Y% CAG CA h~; hBOm NuG /?: Ku; DNS VRG Wl8N &

QOB CA Nu; d;R v V@OY.


Y= 9&!-B Windows NT& G` _Lm pg Trust Authority CA #:.

! .companyA.com8N !*B DNS VR& !vg g|nO fNM DO L'

: a:\ccprereg.regLm O#B Secure99TOY. L mI: v$H DNS VR& c

kH -j.. qO! '!C5OY.

CaCertRq -d .companyA.com -h -r a:\ccprereg.reg -P 1835 Secure99

V: DNS VR! 6'%N C[OB fl!B Xg NS .Z-(″.″ wT)N !*

B pg #:.! -j.. qO! '!UOY. DNS VR! 6'%N C[O

v JB fl!B Xg .Z-z O!OB #:.8; *8;B MTOY.

9 & i n , & Q 6 G ″ . companyA.com″ : us .companyA.com,

vnet.companyA.comW w3.software.companyA.comzB O!O*

companyA.com(kidcompanyA.com)Z<MB O!Ov J@OY. &Q6G

companyA.com: companyA.comzB O!O* us.companyA.comzB O

!Ov J@OY. L/Q -j..(″.″N C[Ov JB -j..)B O*G !

IQ ke8; *8@OY. ″.″N C[Ov JB m<B &\GB -j..!

VN /kUOY.

|Z lm VR v$

Y% CAG CA h~; hBOm NuG /?: Ku; |Z lm VR WlG p

g VR! {kOB CA Nu; d;R v V@OY.

Y= 9&!-B AIX & G` _Lm pg Trust Authority CA #:.!

.us.companyA.com8N !*B |Z lm VR& !vg g|nO fNM DO L

': /tmp/ccprereg.regLm O#B Secure99TOY. L mI: v$H |Z lm

VR& ckH -j.. qO! '!C5OY.

CaCertRq -m .us.companyA.com -h -r /tmp/ccprereg.reg -P 1835 Secure99

Y% CAG CA h~; hBOm NuG /?: Ku; |Z lm VR WlG p

g VR! {kOG O*G VR8 &\OB CA Nu; d;R v V@OY. Y

= 9&!-B Trust Authority CA #:.! |Z lm VR outCA.us.

companyA.com; !vm g|nO fN W DO L': /tmp/ccprereg.regLg

O#B Secure99TOY. L mI: v$H |Z lm VR& &\H -j.. q

O! '!C5OY.

&3e f} 27

CaCertRq -m .us.companyA.com -M outCA.us.companyA.com -h -r /tmp/ccprereg.reg -P 1835Secure99

URI v$

Y% CAG CA h~; hBOm NuG /?: Ku; UO Zx D0Z(URI,

D0Z |VN- L _ URL: !e O]{N O' }US) Wl8N &QOB CA

Nu; d;R v V@OY. Y= 9&!-B Windows NT& G` _Lm pg

Trust Authority CA #:.! .xyz.com8N !*B URI VR& !vg g|n

O fNM DO L': a:\ccprereg.regLm O#B Secure99TOY. L mI: v

$H URI& ckH -j.. qO! '!C5OY.

CaCertRq -u .xyz.com -h -r a:\ccprereg.reg -P 1835 Secure99

V: URIG ke NP: IP VR! wTGn Vv JB Q 23 dLvG :DNS V

R v$;!- 3mQ Mz ?OQ T"; {s_ UOY. L fl $.w O

!X_ UOY.

p:d. Wq v$

Y% CAG CA h~; hBOm NuG /?: Ku; ?OQ RDN(sk{ 8

P L'); !vB p:d. Wq Wl8N &QOB CA Nu; d;R v V@

OY. Y= 9&!-B AIX & G` _Lm pg Trust Authority CA #:.!

&xH RDNz O!OB RDN, /C=US/O=companyA/OU=departmentB& !v

g g|nO fNM DO L': /tmp/ccprereg.regLm O#B Secure99TOY.

L mI: v$H RDN& ckH -j.. qO! '!C5OY.

CaCertRq -n "/C=US/O=companyA/OU=departmentB" -h -r /tmp/ccprereg.reg -P 1835 Secure99

V: Trust Authority!-B Y= |DL DN! gkKOY.

/C=country/O=organization/OU=organizational_unit/CN=common_name

CA -v NW !K

CA -v NWB CA -vM |CH pg .#hG; bOUOY. CA -v NW

B Y= '!!- !KR v V@OY.


% 6. CA -v NW


/usr/lpp/iau/etc/TrustAuthority/logs/

caSS.log.xnnnnnn


Authority\etc\TrustAuthority\

logs\caSS.log.xnnnnnn

)b!B caSS.logsB O*G NW

DO L' :[L V@OY. u NW

! [:I '6Y xnnnnnn.eZ!

O*? u!UOY.

CA -v sB !K

gkZ /f! {s, Y=z 0: ANCz <. _ O*& v`O) CA -vG

sB& !KR v V@OY.

v AIX G fl:


2. AN<: %& !KOm L AN<:& #8JC@.

iauAutoCa


22 dLvG :.&! Xa;! *M VB v'; |6OJC@.


/usr/lpp/iau/bin

4. L mI; TBO) 1835 w.! $s{8N @dO4Bv !KOJC@.

ServerControl -i -c -k CA -n server -p 1835 -l"logfile"

)b- serverB w. 1835M ,|H CA -vG L'Lm logfile:

ServerControlmIG az& bOOAB NW DOG L'TOY.

w.! :x{8N @dQ fl, C:[! Y= ^Cv! %CKOY.

[CA] -q:! -v!- G` _S; [email protected], w.: 1835.

)b- -vB w. 1835M ,|H -vTOY.

v Windows NTG fl:



&3e f} 29

3. AN<: G; 1COJC@.

4. iauAutoCA.exeAN<:& #8JC@.


22 dLvG :.&! Xa;! *M VB v'; |6OJC@.



6. L mI; TBO) 1835 w.! $s{8N @dO4Bv !KOJC@.


)b- serverB w. 1835M ,|H CA -vG L'Lm logfile:



[CA] -q:! -v!- G` _S; [email protected], w.: 1835.

)b- -vB w. 1835M ,|H -vTOY.

RA -v |.

L }!-B Trust Authority RA -vG n5 W |. ANC`n& 3mUOY.

RA -vB RA %:)>z CA -v gLG kE; 3.UOY. L -vB DB2

%LM#L: N:O:M T2 NC bh! sVUOY.

Y=: RA -v& |.Ob 'X v`X_ OB 8:)TOY.

v RA gkZ _! /?.<& gkO) gkZ& RA |.ZN- C:[! _!

OJC@.

v IniEditor& gkO) jonahra.ini 8: DO; /fOJC@.

– RA -v ;kZ w. /f.

– RA z5 #] /f.

– RA gC5 #] /f.


– p:d.MG kE; 'X RA 3$; /fOJC@.

v RA -v NW !K.

v RA -v sB !K.

RA |.Z _!

uNn RA |.Z& C:[! _!OB M: gkZG %STOY. RA |.Z

sBN GQN)H gkZB Trust Authority nO @kANW% 8: DO! v

$H RA ANDO _ O*! $GH bI; vÒm &QH Zx! W<:R v

V@OY.

uNn RA |.Z& _!OAi, 8:)& vÒB % JdQ $8& rb 'X

gkZ ::N RA |.Z! Gn_ UOY. Y=; v`X_ UOY.

v SSL jslz Nu; d;Om _}X_ UOY.

v DB2 %LM#L:& 68O) jslz NuG d; 9Ze!- $8& Kv

X_ UOY. gkZ ::N& RA |.ZN _!OB % L $8! JdUO

Y.

v Y% gkZ& _!R v V5O gkZ ::N& RA |.ZN- Trust

Authority C:[! _!X_ UOY.

L }!B Uz RA Z] um-& r: Y= RA |.Z& _!Ob 'Q AN

Cz! *M V@OY.

9x0 RA |.ZN- MO& _!

gkZ ::N& RA |.ZN- Trust Authority C:[! _!OAi Y= \

h& vÒJC@.

1. Fw _!Ov JRYi jslz Nu; {kOm .8OJC@. nO [w!

kQ Z<Q ;k: gkZ H;-& |mOJC@.

2. DB2 mI` k-D <G; C[OJC@. gkZ n5 <&! {s Y= A

NCz <. _ O*& gkOJC@.

v AIX G fl:

a. mI ARA.!- su mI; TBO) Trust Authority& 3!Q gk

ZG |. h$8N |/OJC@.

&3e f} 31

b. Trust Authority gkZ! kQ O#& TBOJC@.

c. db2& TBO) DB2 <G; C[OJC@.

d. DB2 mI ARA.!- Y=; TBO) %LM#L:N ,aOJC@.

pkrfdb! ,a

L fl!-B b; nO %L8#L: pkrfdbN #VKOY.

v Windows NTG fl:

a. Windows 58p=!- C[ → ANW% → Windows NTk DB2 →

mI` AN<-& 1COJC@.

b. ARA.!- DB2& TBOJC@.

c. connect to pkrfdb& TBOJC@.

L fl!-B b; nO %L8#L: pkrfdbN #VKOY.

3. DB2 mI ARA.!- Y=z 0: SQL mI; TBOJC@.

select last_name, first_name, credential_uuid, created_on from requests wherelast_name = 'yourlastname' and first_name = 'yourfirstname' and profile_namelike '%BrowserCert%'

:xR fl, C:[: O!OB pg 9Ze! kQ d;H :, L', Z] u

m- UUID W C#RN; .OUOY. L fl .OH $8B jslz Nu

! kQ d; 9ZeNNM IOY.

4. gkZ ::N& RA |.ZN- _!R ' gkI Z] um- UUID& b

OOJC@.

5. quit& TBO) DB2 <G; >aOJC@.

6. 33 dLvG 3 \h!-NM :RA |.Z _!;G v'; v`O) gkZ :

:N& RA |.ZN C:[! _!OB [w; 6!JC@.

RA |.Z _!

gkZ 6w!- 3$Q ANCz! {s, RA |.Z _! d;: qxD{N |

- #b!- 8Y xD{N @kANW% AN<:! L#bnv YgQ f}8N

&CKOY. RA |.Z! {UO5O Uz gkZ!T SSL jslz NuL _

`Gn_ UOY. gkZB Trust Authority gkZ H;-! *M VB %X j

slz b; nO ANCz& v`O) jslz Nu; d;R v V@OY.


Trust AuthorityB RA |.Z _!& 'Q mI` /?.< add_rauser& &x

UOY. L mI! gkGB 8.: 109 dLvG :RA gkZ /?.< _!;!

-G |D; kUOY.

d;; vEQ D!B Y= \h& vÒ) RA |.Z& C:[! _!OJC

@.

1. RA |.ZG SSL jslz Nu d; sB& !KOJC@.

L& vÒAi, RA %:)>! W<:Om nO GQ %:)> H;-! *

M VB 68 &b W 68 az -w ANCz& vÒJC@.

2. NuL _`H fl, L Nuz ,|H m/ gkZ D0(UUID); 8OJC

@.

L& vÒAi, BNH Nuz ,|H %LM#L: 9Ze& #F 9Ze S

:; 8JC@. E3/v _ O*& add_rausermI! gkR Z] um-

UUID S:; #B _TOY.

3. gkZ /f! {s Y= _ O*& vÒJC@.

v AIX G fl:

a. 3! root p:d.N !JC@. b; 3! root& gkOAi, mInB

Y=z 0@OY.

cd /usr/lpp/iau/pkrf/bin

b. Y=z 0L mIn& TBOJC@.

./add_rauser /usr/lpp/iau/pkrf/etc/domain.cfgYourDomain aBcpDqXyZ==

RAUser

'!:

– /usr/lpp/iau/pkrf/etc/domain.cfgB Trust Authority b; 3

! g. fN W 5^N 8: DOTOY.

– YourDomain: b; nO 5^NTOY.

– aBcpDqXyZ==B Z] um- UUIDG Q 9TOY.

– RAUserB W<: ANDOTOY.

v Windows NTG fl:

&3e f} 33

a. 3! root p:d.N !JC@. b; 3! root& gkOAi, mInB

Y=z 0@OY.

cd c:\Program Files\IBM\Trust Authority\pkrf\bin

b. Y=z 0L mIn& TBOJC@.

add_rauser c:\Program Files\IBM\Trust Authority\pkrf\etc\domain.cfgYourDomain aBcpDqXyZ== RAUser

'!:

– c:\Program Files\IBM\Trust Authority\pkrf\etc\domain.cfg

B Trust Authority b; 3! g. fN W 5^N 8: DOTO

Y.

– YourDomain: b; nO 5^NTOY.

– aBcpDqXyZ==B Nu UUIDG Q 9TOY.

– RAUserB W<: ANDOTOY.

mIL OaGi C:[L :x GB GP ^Cv& %CUOY.

RA -v ;kZ w. /f

RA -v .:J w.B RA! PKIX ^Cv& ;kOB '!TOY. L w.G

*; /fOAi Y= \h& {sJC@.


2. Trust Authority C:[; _vOJC@. JdR fl 7 dLvG :-v 8

:dR C[ W _v;! *M VB C:[ _v W C[! kQ v'; |6

OJC@.

3. IniEditor& C[Q D jonahra.ini 8: DO; NeOJC@. JdR fl 9

dLvG :IniEditor& gkQ 8: DO /f;! *M VB IniEditor C[

W gk! kQ v'; |6OJC@. AIX W Windows NT DO '!! k

X-B 10 dLvG %1; |6OJC@.

4. |[ =G; 1CO) .eOm TCPPort E3/v& 1COJC@.

5. %CH m} Je!- w. x#G *; /fOJC@.



7. IniEditor& gC[Om jonahca.ini 8: DO; NeOJC@(L DO: g

kZ 3!! {s NC GB x] bh! V; v V@OY).

8. URL =G; 1COJC@.

9. %CH m} Je!- w. x#G *; /fOJC@.



RA z5 #] /f

RA z5 #]: RA -v! GQ [we' %G z. gL #](J(s), P(m) G

B C(h) \')TOY. [wv$ C#L fzH %G dRi: 3.& 'X [wv

$KOY. z5 #]; /fOAi, Y= \h& {#JC@.




JC@.


dLvG :IniEditor& gkQ 8: DO /f;! *M VB IniEditor C[ W


-B 10 dLvG %1; |6OJC@.

4. |[ =G; 1CO) .eOm PollInterval E3/v& 1COJC@.

5. %CH m} Je!- z5 #]G *; /fOJC@.



RA gC5 #] /f

RA gC5 #]: CA!- RAN |[H z C#L RAG vg Ch C#8Y

L% fl RA! GQ CAG z. gL #](J(s), P(m) GB C(h) \')TO

Y. RA gC5 #]; /fOAi, Y= \T& {#JC@.


&3e f} 35



JC@.




-B 10 dLvG %1; |6OJC@.

4. |[ =G; 1CO) .eOm RetryInterval E3/v& 1COJC@.

5. %CH m} Je!- gC5 #]G *; /fOJC@.



RA -v NW !K

%7! %CH '!!- RA -v NW& !KR v V@OY.

% 7. RA -v NW


/usr/lpp/iau/pkrf/Domains/ YourDomain/logs/ c:\Program Files\IBM\Trust

Authority\pkrf\Domains

\YourDomain\logs\

NW DO!B

.log.random_numbers

B .eZ! V@OY.

RA -v sB !K

gkZ /f! {s, Y=z 0: ANCz <. _ O*& v`O) RA -vG

sB& !KR v V@OY.

v AIX G fl:


2. AN<: %& !KOm Y= AN<:& #8JC@.

iaurasvr


22 dLvG :.&! Xa;! *M VB v'; |6OJC@.


/usr/lpp/iau/bin


4. 29783 w.! L mI; TBO) :x{8N @dO4Bv !KOJC@.

ServerControl -i -c -k RA -n server -p 29783 -l"logfile"

)b- serverB w. 29783z ,|H RA -vG L'Lm logfile:

ServerControlANW%G az& bOOAB NW DOG L'TOY.


[RA] -q:! -v!- G` _S; [email protected], w.: 29783.

)b- -vB w. 29783z ,|H -vTOY.

v Windows NTG fl:



3. AN<: G; 1COJC@.

4. iaurasvr.exeAN<:& #8JC@.


22 dLvG :.&! Xa;! *M VB v'; |6OJC@.





)b- serverB w. 29783z ,|H RA -vG L'Lm logfile:



[RA] -q:! -v!- G` _S; [email protected], w.: 29783.

)b- -vB w. 29783z ,|H -vTOY.

&3e f} 37

p:d.MG kE; 'Q RA 3$ /f

RA -vB IBM SecureWayp:d. -vM kEO) nO AN<: |.& =

@OY. RA! p:d.M kEOB f}! 5b; L!b 'X RA -v 8: D

O!- Y= *; /fR v V@OY.

v p:d. -vG #:. L' W w.

v p:d. |.ZG DN W O#

v w:. #]

p:d. -vG #:.mz w.& ]5Ob 'Q RA 3$ /f

?z{8N p:d.M kEOb 'X-B p:d.! ;kOB $.Q w.M $

.Q #:.mL RA! JdUOY. RA! p:d. kE! gkOAB #:.m

z w.& /fOAi Y= \h& v`OJC@.




JC@.




-B 10 dLvG %1; |6OJC@.

4. LDAP =G; 1CO) .eOm Server1 E3/v& 1COJC@.

5. %CH m} Je!- #:. L' W w. x#G *; /fOJC@.



p:d. -v w:. #]; ]5Ob 'Q RA 3$ /f

w:. #]: uNn gkZ Nu GB uNn CRLz 0L p:d.N |[I

$8! VBv& 8b 'Q RA !K gLG C# #]TOY.

RAG w:. #]; /fOAi Y= \h& v`OJC@.





JC@.




-B 10 dLvG %1; |6OJC@.

4. LDAP =G; 1CO) .eOm PostInterval E3/v& 1COJC@.

5. %CH m} Je!- PostIntervalE3/vG *; /fOJC@.



(g -jC:[ |.

(g -jC:[; |.OAi (g |.ZG *R; v`Om Vn_ UOY. O

N (g |. 8:)& v`OAi O#! Vn_ UOY. (g |.Z O#& /

fX_ OB fl!B 5 dLvG :Trust Authority O# /f;; |mOJC@.

(g -vB Trust AuthorityG 5S{ AN<:N- Trust Authority 8:dRN

NM (g L%.& vEOm L& (g NW! bOUOY. L -vB DB2 %L

M#L:M T2 NC GB x] bh _ O*! 3!KOY. (g -vB CA -

vM ?OQ bh! '!X_ UOY.

Y=: (g -jC:[; |.Ob 'X v`X_ OB 8:)TOY.

v N 3G Trust Authority %LM#L: 8b& gkO) (g %LM#L:!

VB (g 9Ze& 8JC@.

v DB2 UDB 58& gkO) (g 9Ze& =vOm (g 8m-& }:OJ

C@.

v IniEditor& gkO) AuditClient.ini 8: DO; /fOJC@.

– (g -v! kQ #:. L' W w.& /fOJC@.

– (g ,sLp.NNMG L%. |[ f}; /fOJC@.

v IniEditor& gkO) AuditServer.ini 8: DO; /fOJC@.

&3e f} 39

– (g -v! ;k! gkOB w.& /fOJC@.

– (g -vN YNeOB (g ,sLp.! kQ gC5& /fOJC@.

– YNy C5 gLG C#; /fOJC@.

– L%., (g, _{ W @y NW! kQ NW 3$; /fOJC@.

v (g 88 W -m /?.<& gkO) (g NW DO; 88Om -mOJ

C@.

v (g -v %LM#L: W 88 DOG +a:; !KOAi (g +a: !K

/?.<& gkOJC@.

v (g -vG sB& !KOJC@.

v (g -v NW& !KOJC@.

(g 9Ze 8b

N 3G Trust Authority 8b& gkO) (g DB2 %LM#L:! VB (g

9Ze& < v V@OY. L %LM#L: 8b& gkOi vg %LM#L:!

zeH pg (g 9Ze& < v V@OY. (g 9ZeB audit_logsB %LM

#L: WLm! zeKOY. L WLmG 9: -: Y% WLm; |6OB *

: $v ZeN Lgn. V@OY. |6GB Y% WLm!B 9Ze! in V

B Je(%LM#L:!- WLmG -! Xg)G |< X:. 3mL* L'L w

TGn V@OY. (g %LM#L: :06! VB pg WLmG Je L' W

3m! kQ ;k: 116 dLvG :(g %LM#L: %LM;& |mOJC@.

Y= N 3G 8b& gkO) (g 9Ze& < v V@OY.

v viewar

pg X:. 3m; _.v J: sBN < v VB b; 8bTOY.

v viewar_t

L 8bB pg X:. -L 40Z \'N wnxYB !; &\OmB viewarM

?OUOY.

8b!B 41 dLvG %8! %CH - L'L wTGn V@OY.


% 8. Trust Authority(g %LM#L: 8bG - 3m

- L' 3m %LM /|

serial_num (g 9ZeG OC x# $v

sourcetime ,sLp.! (g L%.& }

:Q C#G C# RN

C# RN

createtime (g 9Ze! [:H C#G

C# RN

C# RN

L%. L%. L' varchar

source (g L%.& }:Q (g ,

sLp.

varchar

component (g L%.& }:Q (g ,

sLp.G 8:dR /|

varchar

auth_entity (g L%.& c!Q #<< varchar

auth_role (g L%.& c!Q #<<G

*R

varchar

affected_entity (g L%.! 5b; ^B #

<<G EP

varchar

affected_entity_type 5b; ^B #<<G /| varchar

storage_media (g L%.M ,|H ze5*

E<

varchar

extra_info (g L%.M ,|H _! $

8

varchar

Trust Authority (g %LM#L: 9Ze& 8Ai Y= \h& {#JC@.

1. Trust Authority gkZ(Trust Authority& 3!Q gkZ)N NWNOJC@.

2. Y= mI; TBO) (g %LM#L:! ,aOJC@.

db2 connect to your_audit_database_name

9& in, %LM#L:G L'L adtdbN fl!B Y=; TBOJC@.

db2 connect to adtdb

3. Y=z 0L Trust Authority 8b _ O*& gkO) %LM#L:& 68

OJC@.

v viewvar 8b& 68OAi Y= mI; TBOJC@.

db2 "select * from viewvar"

v viewvar_t 8b& 68OAi Y= mI; TBOJC@.

&3e f} 41

db2 "select * from viewvar_t"

(g %LM#L:G pg 9Ze! kX 41 dLvG %8!- 3mQ p

g -L %CKOY.

4. (g 9ZeG 8b& JMOAi SQL where.; gkOJC@. 9& in,

Vnx /% |'G 9Ze& 68OAi Y= mI; TBOJC@.

db2 "select * from viewar where sourcetime between '1999-07-01-08.00.00' and'1999-07-02-08.00.00'"

SQL 1C.! kQ Z<Q ;k: IBM DB2 Universal Database SQL|

6-, v| 5.2& |mOJC@. db2 mI! kQ Z<Q ;k: IBM DB2

Universal DatabasemIn |6-, v| 5.2& |mOJC@.

(g 9Ze =v

(g 9Ze& =vOb 'Q Z<Q ;k: IBM DB2 Universal Database SQL

|6-, v| 5.2; |mOJC@.

(g ,sLp.!- (g -v #:. L' W w. /f

(g -v w.B (g -v! (g ,sLp.NNM uNn ,a; ;kOB '

!TOY. (g ,sLp.! (g -vM ?z{8N kER v V5O (g ,

sLp.B (g -v! kQ $.Q #:.mz w.& !._ UOY. (g ,

sLp. 8: DO!- (g -vG #:.m W w. *; /fOAi Y= \

h& v`OJC@.




JC@.

3. IniEditor& C[Q D AuditClient.ini 8: DO; NeOJC@. JdR f

l 9 dLvG :IniEditor& gkQ 8: DO /f;! *M VB IniEditor

C[ W gk! kQ v'; |6OJC@. AIX W Windows NT 8: DO

'!! kX-B 10 dLvG %1; |6OJC@.

4. ,a =G; 1CO) .eOm HostName E3/v& 1COJC@.


5. w. E3/v& 1COJC@.

6. %CH m} Je!- (g -v! kQ w.G *; /fOJC@.



9. v$Q w. *: (g -v! VB AuditServer.ini DOG acceptor.argE

3/vG w. *z O!X_ UOY.

(g ,sLp.NNMG L%. |[ f} ]f

(g ,sLp.B (g L%.& (g -vN 8@OY. AuditClient.ini DO!

- (g 6:)& 3$O) ON L%.! (g -vN |[GB M; 7; v V

@OY. W/i ON L%.B JvTOY. 113 dLvG :(g L%.;! Jv L

%. G0! kX *M V@OY. GQ (g ,sLp.! (g -vN L%.&

8;AB 9x0 C5 LDG C5 =v& 3$R v V@OY.

L%. |[; 'Q gC5 =v /f

(g ,sLp.! Jb C5 LD! (g -vN L%.& 8;AB C5 =v&

/fOAi Y= \h& v`OJC@.




JC@.




'!! kX-B 10 dLvG %1; |6OJC@.

4. ,a =G; 1CO) .eOm Retries E3/v& 1COJC@.

5. %CH m} Je!- gC5 E3/vG *; /fOJC@.



&3e f} 43

(g 6:) v$

(g 6:)& v$OAi Y= \h& {#JC@.




JC@.




'!! kX-B 10 dLvG %1; |6OJC@.

4. CA =G; 1CO) .eOm ExcludedEvents E3/v& 1COJC@.

5. %CH m} Je!- (g ,sLp.! 8yOT OAB CA }: (g L

%.G L'; _!OJC@. (g L%. L': 0%N 8PX_ UOY. 1

C L%.8 v$O4Bv .NOJC@.

6. RA =G; 1CO) .eOm ExcludedEvents E3/v& 1COJC@.

7. %CH m} Je!- (g ,sLp.! 8yOT OAB RA }: (g L

%.G L'; _!OJC@. (g L%. L': 0%N 8PX_ UOY. 1

C L%.8 v$O4Bv .NOJC@. (g L%.G L'! kX 113 d

LvG :(g L%.;& |6OJC@.



(g -v! ;k! gkOB w. /f

(g -v w.B (g -v! (g ,sLp.NNM uNn ,a; ;kOB '

!TOY. (g -v 8: DO!- (g -vG w. *; /fOAi Y= \h

& v`OJC@.




JC@.


3. IniEditor& C[Q D AuditServer.ini 8: DO; NeOJC@. JdR f



'!! kX-B 10 dLvG %1; |6OJC@.

4. -v w. =G; 1CO) .eOm acceptor.arg E3/v& 1COJC@.

5. %CH m} Je!- w. x#G *; /fOJC@.



8. v$Q -v w. *: pg NC W x] AuditClient.ini DON |DGn_

UOY. $8! kX 42 dLvG :(g ,sLp.!- (g -v #:. L

' W w. /f;; |6OJC@.

(g ,sLp.!- (g -vNG YNy C5 /f

(g ,sLp.! (g -vN YNeOAB C5 =v& /fOAi Y= \h

& v`OJC@.




JC@.




'!! kX-B 10 dLvG %1; |6OJC@.

4. -v w. =G; 1CO) .eOm acceptor.init.retries E3/v& 1CO

JC@.

5. %CH m} Je!- binding E3/vG *; /fOJC@. b;*: 3TO

Y.



&3e f} 45

YNy C5 gLG #] /f

(g ,sLp.! (g -vN YNeOAB C5 gLG #]; /fOAi Y

= \h& v`OJC@.




JC@.




'!! kX-B 10 dLvG %1; |6OJC@.

4. -v w. =G; 1CO) .eOm acceptor.init.delay E3/v& 1CO

JC@.

5. %CH m} Je!- YNy C5 gLG C# *(J \'); /fOJC@.

b;*; 3TOY(J \' hj).



NW 3$ /f

Y=z 0: NW /|! kX AuditServer.ini 8: DOG 3$*; /fR v

V@OY.

v L%. NW — (g L%. v}zek

v (g NW — %LM#L:! +a: 8# (g L%. zek

v _{ NW — ANW% 0? _{k

v @y NW — @y ^Cvk

DO! (g L%.& v}zeOB f} /f

L%. NWB L%. v}ze! gkGB DOTOY. Y=! kQ 8: E3/

v *; /fR v V@OY.

v DO L' W L%. NW fN


v L%. NW& _!R MNv GB cD5 MNvG )N

v NW -q:! 3.OB L%.G VR I"5 9'

v NW -q:! 3.OB L%.G Vk I"5 9'

L%.G v}ze f}! 5b; L!B 3$*; /fOAi Y= \h& v`

OJC@.




JC@.




'!! kX-B 10 dLvG %1; |6OJC@.

4. L%. NW =G; 1CO) .eOJC@. W1 Y=

v L%. NWG fN W DO L'; /fOAi, Y=; v`OJC@.

a. event.log.filenameE3/v& 1COJC@.

b. %CH m} Je!- fN W DO L'G *; /fOJC@.

v L%. NW& _!R MNv GB cD5 MNv )N& *8;B C!W

& /fOAi Y=z 0L OJC@.

a. event.log.appendE3/v& 1COJC@.

b. %CH m} Je!- E3/vG *; /fOJC@. _!G fl true

GB cD2bG fl false! KOY.

v L%. NW -q:! vxOB L%.G VR I"5 9'; /fOAi Y

=z 0L OJC@.

a. event.log.severity.min E3/v& 1COJC@.

b. %CH m} Je!- E3/vG *; /fOJC@. 100 dLvG :L

%. I"5 9';! I"5 9'! v$R v VB * qOL *M V

@OY.

&3e f} 47

v L%. NW -q:! vxOB L%.G Vk I"5 9'; /fOAi Y

=z 0L OJC@.

a. event.log.severity.maxE3/v& 1COJC@.

b. %CH m} Je!- E3/vG *; /fOJC@. 100 dLvG :L

%. I"5 9';! I"5 9'! v$R v VB * qOL *M V

@OY.



%LM#L:! (g L%.& bOOB f} /f

(g NWB (g L%.& zeOB % gkGB +a: 8# %LM#L: WL

m <.TOY. (g NW!B (g L%.6Y O*?G 9Ze! wTGn V@

OY. Y=! kQ 8: E3/v *; /fR v V@OY.

v (g NW %LM#L:NG ,a; 'Q gC5 ck =v

v (g NW %LM#L: ;E; 'Q gC5 ck =v

v +a: !K 0:- GB q0:- )N

v (g NW ;E! ckGB C#>a *(J).

(g L%. bO f}! 5b; L!B 3$*; /fOAi Y= \h& v`O

JC@.




JC@.




'!! kX-B 10 dLvG %1; |6OJC@.

4. (g =G; 1CQ D .eOJC@. W1 Y=

v (g NW! ,aOb 'Q gC5 ck =v& /fOAi Y=z 0L O

JC@.


a. audit.log.connect.retries E3/v& 1COJC@.

b. %CH m} Je!- E3/vG *; /fOJC@. ]eC $v)_

UOY.

v (g NW& w%L.Ob 'Q gC5 ck =v& /fOAi,

a. audit.log.update.retries E3/v& 1COJC@.

b. %CH m} Je!- E3/vG *; /fOJC@. ]eC $v)_

UOY.

v +a: !K; 0:- GB q0:-OAi Y=z 0L OJC@.

a. audit.log.integrity E3/v& 1COJC@.

b. %CH m} Je!- E3/vG *; /fOJC@. 0:-G fl .

Z- true W q0:-G fl false! KOY.

v (g NW& ;EOb 'Q C#>a *; /fOAi Y=z 0L OJC

@.

a. audit.log.timeout E3/v& 1COJC@.

b. %CH m} Je!- E3/vG *; /fOJC@. L *: #]L K

OY.



_{ NW 3$ /f

_{ NWB D;M ANW%G G` 9Ze& &xUOY. v'L G`GB x-

& 8)]OY. VN pvk q{8N gkKOY. Y=! kQ8: E3/v *;

/fR v V@OY.

v _{ 0:- GB q0:- )N

v _{ 9'

v _{ NW DO L' W fN

v _{ DO; _!R MNv GB cD5 MNvG )N

_{ NW 3$; /fOAi L \h& {#JC@.


&3e f} 49



JC@.




'!! kX-B 10 dLvG %1; |6OJC@.

4. _{ =G; 1CQ D .eOJC@. W1 Y=

v _{; 0:- GB q0:-OAi,

a. trace.enable E3/v& 1COJC@.

b. %CH m} Je!- E3/vG *; /fOJC@. 0:-G fl true

W q0:-G fl false! KOY.

v _{ 9'; /fOAi,

a. trace.level.nameE3/v& 1COJC@.

b. %CH m} Je!- E3/vG *; /fOJC@. L *: .Z-L

KOY. 100 dLvG :_{ 9';! _{ 9' qOL *M V@OY.

v _{ NW DO L' GB fN& /fOAi, Y=; v`OJC@.

a. trace.log.filename E3/v& 1COJC@.

b. %CH m} Je!- E3/vG *; /fOJC@. L *: .Z-L

KOY.

v _{ DO; _! GB cD5 MNvG )N& /fOJC@.

a. trace.log.append E3/v& 1COJC@.

b. %CH m} Je!- E3/vG *; /fOJC@. _!G fl true

GB cD2bG fl false! KOY.



@y NW DO L' W fN /f

@y NW!B (g -jC:[z |CH @y ^Cv! wTKOY. @y NWG

DO L'z fN& /fOAi Y= \h& v`OJC@.





JC@.




'!! kX-B 10 dLvG %1; |6OJC@.

4. @y =G; 1CO) .eOm error.log.filename E3/v& 1COJC@.

5. %CH m} Je!- error.log.filenameE3/vG *; /fOJC@.



(g 8m- }:

(g 8m- }:! kQ Z<Q ;k: IBM DB2 Universal Database SQL|

6-, v| 5.2& |mOJC@.

(g NW DO 88 W -m

Trust Authority (g 88 W -m 58& gkO) (g NW 9Ze& 88O

m -mR v V@OY. L 58B (g 9Ze& wTOB (g -v %LM#L

: WLm; 88UOY. DB2 ]b /?.<& gkO) DO! 88UOY. -

mUOY. -n IG; v$Ov J: fl! QX-, (g 9Ze! &kN 88H

D!B pg (g 9Ze! %LM#L:!- h&KOY.

V: L /?.<& G`Ob |! Trust Authority C:[; >aR JdB x@

OY.

9& in, b; Trust Authority 3! fN& gkOm VYm !$UCY. vg

G (g -v %LM#L: (g 9Ze& my.file! 88Om 88H (g NW

DO! -mOG, (g 9Ze& %LM#L:!- h&OvB J8A UOY. L

\h& {#JC@.

1. gkZ /f! kX mI `! Y=; TBOJC@.

&3e f} 51

v AIX G fl:

AuditArchiveAndSign -c /usr/lpp/iau/etc/TrustAuthority/AuditServer.ini -n/usr/lpp/iau/arc/my.file

v Windows NTG fl:

AuditArchiveAndSign -c d:\Program Files\IBM\Trust Authority\etc\TrustAuthority\AuditServer.ini -n d:\Program Files\IBM\Trust Authority\arc\my.file

2. C:[L ARA.& %COi (g |.Z O#& TBOJC@.

azB %X bB fDkN %CKOY. F+Lj DO: .ixf .eZ& !}

OY.

mI 8. W mIG E3/v 3m! kQ ;k: 110 dLvG :(g 88 W

-m /?.<;& |mOJC@.

(g -v %LM#L: W 88 DOG +a: !K

Trust AuthorityB (g -v %LM#L: W (g 88 DO! kQ /6& (

vOb 'Q mI` /?.<& &xUOY. L 58B (g +a: !K /?.<

sm UOY. +a: !K: 8: !IQ IGTOY. L bI; gkOb 'X-

B audit.log.integrity=true& 3$O) AuditServer.ini 8: DO!- L bI;

0:-X_ UOY.

V: L /?.<& G`Ob |! Trust Authority C:[; >aR JdB x@

OY.

L /?.<& gkO) Y=z 0: %LM zeR 2k; KbR v V@OY.

L fl, (g |.Z O#& d8OB ARA.! %CKOY.

v (g -v %LM#L:

v Q3 LsG (g -v F+Lj DO

v v$H p:d. F!! VB pg F+Lj DO

9& in, AIX & G` _Lm 8: DO! kX b; Trust Authority 3! f

N& gkOm VYm !$UCY. Y=z 0: f} _ O*N 2k )N& !K

R v V@OY.

v (g -v %LM#L:& !KOAi,

1. AIX mI`! L mI; TBOJC@.


AuditIntegrityCheck -c /usr/lpp/iau/etc/TrustAuthority/AuditServer.ini -d

(g |.Z O#& d8OB ARA.! %CKOY.

2. O#& TBOJC@.

azB %X bB fDkN %CKOY.

v Q3 LsG (g -v F+Lj DO; !KOAi, Y=; v`OJC@.


AuditIntegrityCheck -c /usr/lpp/iau/etc/TrustAuthority/AuditServer.ini-a /usr/lpp/iau/arc/archive1_my.file


2. O#& TBOJC@.

L mI: fNm "Nn /usr/lpp/iau/arc/archive1_my.fileW .eZ .ixfM

.sig& .B DO; !KUOY. .ixf .eZB DB2 }: ]b |D DO;

*8@OY. .sig .eZB (g -jC:[L }:OB -m DO; *8@

OY.

v v$H p:d., L fl!B /usr/lpp/iau/arc/OG pg 88 DO; !KOA

i Y=z 0L OJC@.


AuditIntegrityCheck -c /usr/lpp/iau/etc/TrustAuthority/AuditServer.ini-A /usr/lpp/iau/arc/


2. O#& TBOJC@.

L mI: .eZ! .ixfN 88 DO p:d.;G pg DO; !KUO

Y.

Windows& G` _Lm 8: DO! kX b; Trust Authority DO fN& g

kOm VYm !$UCY. Y=z 0: f} _ O*N 2k )N& !KR v

V@OY.

v (g -v %LM#L:& !KOAi,

1. DOS ARA.!- Y= mI; TBOJC@(L fl!B c:).

&3e f} 53

AuditIntegrityCheck -c c:\Program Files\IBM\Trust Authority\etc\TrustAuthority\AuditServer.ini -d


2. O#& TBOJC@.

azB %X bB fDkN %CKOY.

v Q3 LsG (g -v F+Lj DO; !KOAi, Y=; v`OJC@.


AuditIntegrityCheck -c c:\Program Files\IBM\Trust Authority\etc\TrustAuthority\AuditServer.ini -a c:\Program Files\IBM\Trust Authority\arc\archive1_my.file


2. O#& TBOJC@.

L m I : f N m " N n!!! \P rog ram F i l es \ IBM\T rus t

Authority\arc\archive1_my.fileW .eZ .ixfM .sig& .B DO; !K

UOY. .ixf .eZB DB2 }: ]b |D DO; *8@OY. .sig .e

ZB (g -jC:[L }:OB -m DO; *8@OY. YC ;X-, ]

b |D DO! -mGm ]b |D DOG -m: .sig DO! zeKOY.

v v$H p:d., L fl!B c:\Program Files\IBM\Trust Authority\arc\OG

pg 88 DO; !KOAi Y=z 0L OJC@.


AuditIntegrityCheck -c c:\Program Files\IBM\Trust Authority\etc\TrustAuthority\AuditServer.ini -A c:\Program Files\IBM\Trust Authority\arc\


2. O#& TBOJC@.

L mI: .eZ! .ixf W .sigN DO; qTO) 88 DO p:d.;

G pg DO; !KUOY.

mI 8. W mIG E3/v 3m! kQ ;k: 111 dLvG :(g +a: !

K /?.<;& |mOJC@.


(g -vG sB !K

gkZ /f! {s, Y=z 0: ANCz <. _ O*& v`O) (g -vG

sB& !KR v V@OY.

v AIX G fl:


2. AN<: %& !KOm Y= AN<:& #8JC@.

java


22 dLvG :.&! Xa;! *M VB v'; |6OJC@.


/usr/lpp/iau/bin


ServerControl -i -c -k AUDIT -n server -p 59998 -l"logfile"

)b- serverB w. 59998z ,|H (g -vG L'Lm logfile:



(g -v! vg G`_TOY.

)b- -vB w. 59998z ,|H -vTOY.

v Windows NTG fl:



3. AN<: G; 1COJC@.

4. java.exeAN<:& #8JC@.


22 dLvG :.&! Xa;! *M VB v'; |6OJC@.


&3e f} 55



ServerControl -i -c -k AUDIT -n server -p 59998 -l"logfile"

)b- serverB w. 59998z ,|H (g -vG L'Lm logfile:



(g -v! vg G`_TOY.

)b- -vB w. 59998z ,|H -vTOY.

(g -v NW !K

(g -v NWB (g -vM |CH pg .#hG; bOUOY. (g -v N

WB Y= '!!- !KR v V@OY.

% 9. (g -v NW


/usr/lpp/iau/logs/smevents.log c:\Program Files\IBM\Trust

Authority\logs\smevents.log

(g L%.& v}zeOB % gk

GB (g -v L%. NW.

/usr/lpp/iau/logs/iausmd.log c:\Program Files\IBM\Trust

Authority\logs\iausmd.log

ANW% 0?; _{OB % gkG

B (g -v _{ NW.

/usr/lpp/iau/logs/iausmd.err c:\Program Files\IBM\Trust

Authority\logs\iausmd.err

@y ^Cv& zeOB % gkGB

(g -v @y NW.

DB2 %LM#L: |.Z

L }!-B DB2 %LM#L:G b; n5 W |. ANC`n& 3mUOY. Z

<Q $8& r8Ai DB2 UDB .-& |6OJC@.

Trust AuthorityB %10! *-H %LM#L:& gkUOY.

% 10. %LM#L: '!

N:O: %LM#L: L' 3m

cfgusr cfgdb b; Trust Authority 8: %LM#L:

cfgusr ibmdb b; CA %LM#L:


% 10. %LM#L: '! (hS)

N:O: %LM#L: L' 3m

cfgusr pkrfdb b; nO %LM#L:

cfgusr adtdb b; (g %LM#L:

ldapInst ldapdb Trust AuthorityM T2 3!H b; p:d.

%LM#L:. b8G p:d.& gk _Ls

i gkZ 6w!- '!& a$UOY.

DB2 %LM#L: sB !K

gkZ /f! {s, Y=z 0: ANCz <. _ O*& v`O) DB2 %L

M#L:G sB& !KR v V@OY.

v AIX G fl:

1. C:[ |.ZN AIX !- NWNOJC@.

2. mI ARA.!- su mI; TBO) Trust Authority& 3!Q gkZ

G |. h$8N |/OJC@.

3. Trust Authority gkZ! kQ O#& TBOJC@.

4. Y= mI; TBOJC@.

set DB2INSTANCE=TrustAuthority_instance

)b- TrustAuthority_instanceB Trust Authority& 3!Q gkZG g

kZ IDTOY.

5. b; 8: %LM#L:sm !$Om db2 connect to cfgdb& TBO

JC@.

,aL :x{N fl, C:[: Y=z 0: ^Cv& .OUOY.

%LM#L: -v = DB2/NT 5.2.0SQL GQN) ID = TrustAuthority_instanceNC %LM#L: 0m = cfgdb

6. b; CA %LM#L:sm !$Om db2 connect to ibmdb& TBO

JC@.


%LM#L: -v = DB2/NT 5.2.0SQL GQN) ID = TrustAuthority_instanceNC %LM#L: 0m = ibmdb

&3e f} 57

7. b; nO %L8#L:sm !$Om db2 connect to pkrfdb& TB

OJC@.


%LM#L: -v = DB2/NT 5.2.0SQL GQN) ID = TrustAuthority_instanceNC %LM#L: 0m = pkrfdb

8. b; (g %LM#L:sm !$Om db2 connect to adtdb& TBO

JC@.


%LM#L: -v = DB2/NT 5.2.0SQL GQN) ID = TrustAuthority_instanceNC %LM#L: 0m = adtdb

9. rootN G9F!- >aOJC@.

10. su mI; gkO) p:d. %LM#L: |.ZG h$8N |/OJC

@.

11. &0z T2 3!H b; p:d. %LM#L:sm !$Om db2 connect

to ldapdb& TBOJC@.


%LM#L: -v = DB2/NT 5.2.0SQL GQN) ID = TrustAuthority_instanceNC %LM#L: 0m = ldapdb

12. rootN G9F!- >aOJC@.

v Windows NTG fl:


2. DB2 mI "; C[OJC@.

3. Y= mI; TBOJC@.

setDB2INSTANCE=TrustAuthority_instance

)b- TrustAuthority_instanceB Trust Authority& 3!Q gkZG g

kZ IDTOY.


4. b; 8: %LM#L:sm !$Om db2 connect to cfgdb& TBO

JC@.


%LM#L: -v = DB2/NT 5.2.0SQL GQN) ID = TrustAuthority_instanceNC %LM#L: 0m = cfgdb

5. b; CA %LM#L:sm !$Om db2 connect to ibmdb& TBO

JC@.


%LM#L: -v = DB2/NT 5.2.0SQL GQN) ID = TrustAuthority_instanceNC %LM#L: 0m = ibmdb

6. b; nO %L8#L:sm !$Om db2 connect to pkrfdb& TB

OJC@.


%LM#L: -v = DB2/NT 5.2.0SQL GQN) ID = TrustAuthority_instanceNC %LM#L: 0m = pkrfdb

7. b; (g %LM#L:sm !$Om db2 connect to adtdb& TBO

JC@.


%LM#L: -v = DB2/NT 5.2.0SQL GQN) ID = TrustAuthority_instanceNC %LM#L: 0m = adtdb

8. Y= mI; TBOJC@.

setDB2INSTANCE=ldap_Instance

)b- ldap_InstanceB &0z T2 p:d.& 3!Q fl ldapInstT

OY.

9. &0z T2 3!H b; p:d. %LM#L:sm !$Om db2 connect

to ldapInst& TBOJC@.


&3e f} 59

%LM#L: -v = DB2/NT 5.2.0SQL GQN) ID = TrustAuthority_instanceNC %LM#L: 0m = ldapInst

10. DB2 mI "; >aOJC@.

DB2 NW !K

DB2 NWB 6[C Trust Authority! GX gkGv J@OY. NW! |Q b

8 $8B IBM DB2 .-& |6OJC@.

p:d. -v |.

L }!-B IBM SecureWayp:d.G b; n5 W |. ANC`n& 3m

UOY. ON p:d. |. 8:)& v`Ob 'X-B O#& KF_ UOY.

p:d. |.Z O#& /fX_ OB fl!B 5 dLvG :Trust Authority O

# /f;; |mOJC@.

L p:d.B LDAP(f. p:d. W<: ANd]) p:d. %X; vxUO

Y. DB2 %LM#L:& kUOm NC GB x] bh _ O*! V; v V@

OY. b8G -v! 8gR v5 Vm Trust Authorityk8N /0w 3!Gm 8

:H MO v5 V@OY.

IBM SecureWay Trust Authority! p:d.M s#[kOB f}! kX Z<

w KAi Trust Authority! VB SecureWayp:d. gk; |6OJC@. L

.-B IBM SecureWay Trust Authority% gL.G sLj/. dLv!- g

k!IUOY.

p:d. -v sB !K

gkZ /f! {s, Y=z 0: ANCz <. _ O*& v`O) p:d. -

vG sB& !KR v V@OY.

v AIX G fl:


2. AN<: %& !KOm Y= AN<:& #8JC@.

slapd



22 dLvG :.&! Xa;! *M VB v'; |6OJC@.


/usr/lpp/iau/bin

4. p:d.! L mI; TBO) :x{8N @dO4Bv !KOJC@.

isdirup -h server -a port -p default_installation_path_of_Directory -t1

)b- serverB p:d.! G` _N bhG L'Lm portB p:d. -

v! ;kOB w.TOY.

p:d.! :x{8N @dQ fl, C:[! Y= ^Cv! %CKOY.

isdirup: returning: 0

v Windows NTG fl:



3. AN<: G; 1COJC@.

4. slapd.exeAN<:& #8JC@.


22 dLvG :.&! Xa;! *M VB v'; |6OJC@.



6. p:d.! L mI; TBO) :x{8N @dO4Bv !KOJC@.

isdirup -h server -aport -p default_installation_path_of_Directory -t1

)b- serverB p:d.! G` _N bhG L'Lm portB p:d. -

v! ;kOB w.TOY.

p:d.! :x{8N @dQ fl, C:[! Y= ^Cv! %CKOY.

isdirup: returning: 0

&3e f} 61

p:d. -v NW !K

%11! %CH '!!- p:d. -v NW& !KR v V@OY.

% 11. p:d. -v NW


/usr/lpp/iau/tmp/slapd.errors c:\p:d. 3! fN\tmp\slapd.errors\ p:d.! kQ @y

NW

4758 O#- ZAN<- |.

4758 O#- ZAN<-B Trust AuthorityG 1C{N 8:dRN-, m:IG

DES W RSA O#- AN<:& &xOB ANW!VL !IQ /6 (v bI

G O#- PCI v: +eTOY. Trust AuthorityG 4758 vx bI: AIX !-

8 gkR v V@OY.

csufcnm /?.& gkO) 4758G sB& !KR v V@OY.

4758 O#- ZAN<-B NW& }:Ov J@OY. W/*, 4758! .&! V

B fl!B Xg eV! {% .O Ze W xN Ze! Ws v]KOY. .O

Ze W xN ZeM W! kQ 3mL in VB w}{ qO: IBM 4758 CCA

b; -q: |6- W H;-!- < v V@OY. k3B L Ze& gkO)

9q .& Xa; v`R v V@OY.

Z<Q ;k: IBM 4758 O#- ZAN<-! kQ H;-& |mOJC@.


&4e $8

L e!-B Trust Authority C:[; 8Y ?2{8N |.OB % 5rL G

B 3m $8& &xUOY. L e!- YgB V&!B O]{N Trust Authority

8H .&S FOs, Trust Authority Nu b|(CA), nO b|(RA) W (g -

j C:[! |Q $8! wTKOY.

Trust Authority 8H

IBM Trust AuthorityG 8H W EZ p(G /!: Y=z 0@OY.

v Trust AuthorityB 0 b] n5; v`OB pg RA.~nG Ze -m; g

kUOY.

v Trust AuthorityB 8:dR Z] um-(0 W Nu n)G ze W W<:!

KeyStores& gkUOY. 8:dR KeyStores! zeH Z] um-B &xH

O#NNM 5bH 0& gkO) O#-KOY.

v Nu q{; 'X 8:dR# kE; -mUOY. 9& ii RAM CA #G

PKIX ^Cv! -mKOY.

v AIX C:[G fl, Trust AuthorityB -m 0! kQ 4758 Oe~n b]

8# bI; v`UOY.

W<: &n qO

ACL(W<: &n qO): /$ ZxG gk; GQL VB gkZN &QOb '

Q ^?Or; &xUOY. ACL; gkOB Trust Authority 8:dRB CA, RA

W p:d.TOY.

CAB ACL; gkO) Nu [:z 0: CA bI! kQ W<:& &QUOY.

RAB ACL; gkO) d; BNz 0: RA bI! kQ W<:& &QUOY.

p:d.B ACL; gkO) N(Q $8& wTR v5 VB p:d.G YgQ

NP! kQ W<:& &QUOY.


Nu b|

CA(Nu b|)u 6wG 8H $%; XvOm Nu |DG 8H |Z EP; v

$R %SL VB #<<& ;UOY. CA Z<G 3Nk 0N -mH Nu!B N

u 8/Z! kQ EP W b8 $8! wTGn V@OY.

IBM Trust Authority CAB Y= [w; v`UOY.

v CAB RANNMG Nu _`, ;E W kR d;; 3.UOY.

v BNH RA W |. cg gkZG DNL in VB W<: &n qO; DO

c! /GG 8#& ^8g |.UOY.

v Nu sB, OC x# W CRL $8 n; &xOB CA %LM#L:! _`H

Nu(ICL) qO; /vUOY.

CA! ICL $8& Trust Authority RA! |^Oi RAB Nu W CRL; p

:d.! x%UOY.

CA %LM#L:! zeH 9ZeB 8#& 'X MAC(^Cv Nu Ze)&

gkUOY. L 9ZeG Ku: +a: KuLsm OB Trust Authority I

GTOY.

v Z<G 0 W Nu; Trust Authority KeyStore! zeUOY.

v 8H |C L%.! kQ (g 9Ze& }:O) (g -v! |[UOY.

v s# Nu W CA h~; vxUOY.

v gkZ $G W gkZ 1C Nu .eL wTH NuG }: W /?: Ku

; vxUOY.

CA h~

CA h~Lu O*G CA! 86G G '! '!Om W F!! W 3 LOG >

S CA ~L '!OB EZ 86& ;UOY. CA& kX nOH gkZ* -v

B Xg CA! -mQ Nu; ^T Gg s' vXG Nu h~; hBUOY.

Trust Authority!-B CA& h~G ONN 8:R v V8g, L fl Xg CAG

Nu: Y% CA! -mUOY.

CA! Z< -m Nu; vxO5O 8:R v V@OY. L flG CAB CA h

~! |)Ov J@OY.


Nu .e

X.509v3 Nu .e: gkZ GB xk 0! _! S:; ,|C0m CA h~

; |.Ob 'Q v\; &xUOY. X.509v3 |D; kX gkZ }\: Xg

}\! m/Q $8& |^Ob 'Q 3Nk GB xk .e; $GR v V@O

Y.

NuG " .e: El _dOE* _dOv J: M8N v$R v V@OY.

X.509v3 |DG Nu; gkOB C:[: C:[L NDOv xOB _dQ .

eL _}R fl Nu; E}X_ UOY. W/* _dOv J: .e; NDO

v xOB fl!B L& +CR v V@OY.

Nu .e!B < !v /|L V@OY. Y=: Nu .eG /|TOY.

v %X .e

v xk .e

v 3Nk .e

%X .e

%X Nu .e: ITU %X RFC 2459! W GLM 8.L $GGn VB Nu

.eTOY. Li: GQ O*& &\Oo pN! X.509v3! $GGn V@OY.

Li _ 9: v! CA Nu ;!-8 $GKOY. %12! *M VB T" O!

-, Trust AuthorityB kNPG %X .eL Nu! _!I v V5O UOY.

% 12. Nu .e

.e 3m

0 gk L .e: 8uGB xk 0G gk q{; %CUOY.

3$*: VN Nu [C..! GX $GKOY.

V< 3< L' L .e!B CA& kX 8uGB xk 0! ,aH #<

<G 3< L'(YgQ L' gD; gk)L O* Ls w

TGn V@OY. Nu [C..B VN Li gD _ X

g [C..& gkOB Nu! gkI v VB gD;

$GUOY.

&4e $8 65

% 12. Nu .e (hS)

.e 3m

V< 0 D0Z L .e: /$ Nu! GX NuGB xk 0& D0UO

Y. 1w{N k5B ?OQ #<<! kX )/ 3G 0!

NuGE* NuGn V; ' 0& 80OB MTOY.

IBM SecureWay Trust Authority!-, W *: Ws

CA! GX 3$KOY.

GQ 0 D0Z L .e: Nu _`Z! -mR ' gkQ xk 0& D

0UOY. 1w{N k5B ?OQ _`Z! kX )/ 3

G 0! NuI ' 0& 80OB MTOY. W *: Ws

CA! GX 3$KOY.

3Nk 0 gk b# L .e: Nu /?: Ku b#G ON! XgOB 3N

k 0G gk; &QUOY. vg PKIX Nu ANDO

RFC 2459B L .eG gkL uLs GeGv J=;

v$UOY.

Nu $% .e L .e!B OCG $% %Cb! wTKOY. $% %C

bB GL& x3X_ OB @j'. D0ZN8 8:I

v V@OY. 1C{8N, LM: @j'. D0ZM G5

H $%G 8.8N 8:I v5 V@OY. $% 8.;

KvR v VB URLL* Nu! wTH #+Q X:.

8.L $% 8.; &xR v5 V@OY.

_`Z 3< L' L .e!B YgQ L' gD _ O*& gkOB Nu

_`Z& 'Q O* LsG 3< L'L in V@OY.

W *: Ws CA! GX 3$KOY.

V< p:d. S: L .e!B 8P L'G ON! FQ, Xg V<M |C

Q OCG _! p:d. S:L in V@OY. _dOv

JF_ UOY.

.e 0 gk L .e: 8uGB xk 0G gk q{; vCOB OC

G @j'. D0Z& wTUOY. 3$*: VN Nu [

C..! GX $GKOY. L .eG *: gkZ xk<

! GX $GGE* RFC 2459!- D}I v V@OY.

b; &QgW L .e: CA Nu!8 /kOg, IBM SecureWay

Trust Authority! GX }:H pg CA Nu! 8gU

OY. Y% NuG fl LM: Ws 8gOv JE* q

n V8g, RFC 2459!-B s sB8YB 8gOv J

B J; GeUOY. NuL CA NuS; vCOB M \

!5, _!N Nu !IQ CA 9' v& v$OB Vk

Nu fL fN& wTR v5 V@OY. L .e: El

_dX_ UOY.


% 12. Nu .e (hS)

.e 3m

L' &QgW L .e: CA Nu!-8 gkKOY. L Nu; wTO

B CA* Xg CA! NuQ CA! GX _`H Nu ;

G pg V< L' W V< 3< L'L '!X_ OB

L' x#; v$UOY. L .eG q{: L NuG f

N!- Nu! GX gkI v VB L'; &QOB M

TOY. &`: ckGE* &\GB L' -j..! |

CO) $GKOY. ckGB -j.. qO! *8*B

$8M +|OT, &\GB -j.. qOG &`z O!

OB L': /?Ov J@OY. L .e: El _dX_

UOY.

$% JN L .e: CA Nu!-8 gkKOY. Trust AuthorityB

VJG d;; }:Q Nu!-B L .e; 3$Ov J

@OY.

$% &QgW CA Nu!-8 gkGB L .e: N !v q{! gk

I v V@OY. Nu fN! VB Nu!-G $% JN

; 7E*, W/Q Nu!- /$ $%; d8R v V@

OY.

CRL Ph wN. L .e: L NuG kR $8& wTOB NP{ CRL

L VB eR& vCUOY. LM: vg Trust Authority

! GX [:H Nu!-B 3$Gv J@OY.

GQ $8 W<: L .e: .eL *8*B NuG _`Z! |Q /$

$8& W<:R v VB eRM f}; vCUOY. LM

: vg IBM SecureWay Trust Authority! GX [:

H Nu!-B 3$Gv J@OY.

xk .e

Trust AuthorityB \O q%X .e; xk .e8N $GOg, L/Q xk .

e: Trust Authority& G`OB pg 6w! GX gkI v V@OY. LM:

#:. EP JN .eTOY. L .e: Nu V<& #:. C:[G Xg EP

z ,|C5OY.

3Nk .e

Trust Authority& gkOb 'X [:H ,sLp. #<< @kANW%: EP

W 8.L Xg @kANW%!8 {kGE* gkZ x?< ;!- x/GB .

e; $GR v V@OY. L/Q .e: _dOv JF_ UOY. .e; 3=8

&4e $8 67

N $GR fl, .e! @j'. D0Z& RgOm ITU %X X.660 W ISO %

X 9834-1! VB 6W! {s .e; nOX_ Og, Xg 8.5 *C nOX

_ UOY.

.e d; e'

.e: gkZ! GX d;I v V8*, CA GB CA& kEOB RA! .eG

/?:; KuX_ UOY. AN<: e': Y=z 0@OY.

1. gkZ! .e; d;Om .e! JdQ $8(m/Q .e D0Z W * w

T)& &xOm .eL _dQv )N& v$UOY.

2. .e d; W $8! RAN |[GB Nu d;G ON! KOY.

3. Nu d;; 3.OB ?H RA GB CA! 6wG Nu $%! kX .e;

/?-Om .e d;; /fOE* +CUOY. .eL /?-Gi CA! W

M; 8uUOY.

Nu kR qO

CRL(Nu kR qO)Lu CA! kRQ NuG qO8N- pvP -m W C#

RNL {kH qO; ;UOY. L qOG Nui: ck R!N #VKOY.

Nu: /? b#L !*E* UsH M8N )\z ' kRI v V@OY. Nu

sBB ICL!- /fKOY. :IYH C#! CAB Xg OC x#& wTOm

kRH NuG CA DN; _`OB CRL; [:UOY. NuL kRI ' ICL!

- Nuz Xg $8! /fGus5, CRLL _`Gn p:d.! x%I 'nv

kRB V${N ML FUOY.

Trust Authority!- x%H CRLG vmz CRL x% #]: CA 8: DON

jonahca.ini!- 3$OE* v$R v V@OY.

s# Nu

s# Nu: Nu _`! gkGB 3Nk CA -m 0M ,|H xk CA 0&

wTOB NuL Q CA! GX Y% CAN _`GB EZ p(TOY. O]{8


N s# Nu; gkO) O*G nO 5^N! wTH ,sLp. C:[L* #

e #<<! Y% nO 5^N! wTH ,sLp. C:[L* #e #<<M H

|OT kER v V@OY.

s# Nu: CAi gL!- gfb8N Lgnz v VB ]i, Trust Authority

!-B \fb s# Nu d;8 vxKOY. " CA! skf8NNM s# Nu

; 9fOT T8Na gfb s# Nu; v`R v V@OY.

Nu

Nu: #<<* 3N! kQ pvP Nu; [:OB MTOY. Trust Authority

G fl, RA! GQ Nu d;G r! W BN D!8 NuL _}UOY. nO

G azN-, CAB Nu; _`UOY.

pvP Nu

pvP NuLu EZR v VB & 3Z! 3NL* #<<! kX _`Q |Z

Z] um-& ;UOY. " Nu-B CA 3Nk 0& gkO) -mL Lgn}

OY. 3N, qvO:, 6w<G Ex; 8uUOY.

CA *R! {s-B NuL NM]s!- e-business& v`Ob 'Q RvZG

GQ; umUOY. n2 GL!-B pvP NuL n| icuL* Gk 9w u

m-M 0: *R; UOY. o, L pvP Nu: Xg 3Nk 0G RvZ! /

$ e-business0?; v`R v VB GQL V=; umUOY.

Nu!B NuQ #<<! 3NNv bhNv GB D;M ANW%Nv! |Q $

8! in V@OY. o, Xg #<<! NuH xk 0! V@OY.

Trust AuthorityG fl, _`GB Nu /|: 6wG qnO: $%z O|KO

Y.

8P L'

DN(8P L')Lu p:d.! zeH %LM WqG m/ L'; ;UOY. DN:

DIT(p:d. $8 ..)sm OB p:d.G h~ 86!- Q WqG '!&

%CUOY.

&4e $8 69

L 86!B O*G g.M, g.!- PbGB v9:(&Q x=) ke! wTG

n V@OY. " keB S:8N D0GB O*G p:d. Wq; *8@OY.

p:d. Wq! kQ DN %v}: p:d. ,sLp. W p:d. -v W<

: ANd]G 8. d8gW! {s Y(OY.

IBM SecureWayp:d.& gkOB Trust AuthorityG fl, p:d. WqG

DN: Y=z 0: |D; !}OY.

/C=US/O=IBM/OU=Trust Authority/[email protected],CN=Chris Smith

)b- USB 9!(C)& *8;g, IBM: 6w(O), Trust AuthorityB 6w ;

G N-, [email protected]: |Z lm VR(MAIL), Chris SmithB 8k

L'(CN); *8@OY.

_`H Nu qO

ICL(_`H Nu qO)Lu CA! _`Q Nuz NuG vg sB! kQ O|

Q qO; ;UOY. Nu: OC x#M sB0N vN-Gn V@OY. ICL: CA

! |.Og CA %LM#L:! zeKOY. L qO: CRL(Nu kR qO)!

x%X_ R Nu; G0OB % gkKOY. Trust Authority ICL!B Y=G b

IL wTGn V@OY.

v ODBC(Open database connectivity)8v(Trust Authority!-B DB2& k

X)

v +a:; 'Q %LM#L: 9ZeG 1C{ MAC gk(ODBC |k)

v O#- 0 W MAC 0G 18S %u

v b; Vk*! GX &QGB Y_ ,a(:9eg) vx

v (g NW bI! kQ W<:

-m W -m /?: Ku

-mLu 3Nk pvP 0& gkO) -m; [:OB MLm, KuLu Xg x

k 0& gkO) -m; KuOB M; ;UOY.

Trust AuthorityB -m /?: Ku! PKIX b] O#- #x; gkUOY. L

&0: @kANW%L $8& O#-Om X6R v V5O UOY. L &0; g

kOi @kANW%L pvP -m; KuOm, p:d.G Nu; KvOm, N


u; EZR v VBv )N& G0R v V@OY. L O#- #x: GQ Oe

~n b] O#-& xROT vxUOY. L &0: GQ IBM 4758 PCI O#

- ZAN<- 0: Oe~n b] O#- e!* PKCS #11NMdL:& vx

OB Oe~n d+; O.OT vxUOY.

O#- W KeyStore n5; v`OB pg Trust Authority RA.~nB O#

- #xL -mUOY.

nO GQ

RA(nO GQ)u pvP NuG |.{ bI; 3.OB -v AN<:& ;UO

Y. Trust Authority!-, RAB d;; BN GB ENR v V8g, Nu; k

RR v V@OY. Xg 6wG qnO: W Nu $%L {kG5O 8eUOY.

RA |.Z

RA |.ZB Trust Authority RA %:)>; gkO) nO d;! kQ |.

8:)& v`UOY. RA |.Z! L/Q 8:)& v`R v V8Ai Xg |

.Z& RA |.ZN nOX_ UOY. nO [w! kQ Z<Q ;k: 32 dL

vG :RA |.Z _!;& |mOJC@.

RA %:)>; gkO) RA |.ZB Nu d;G sB& 68R v V@OY

(vEJ, 8y _, BNJ, E}J W OaJ). RA %:)>G b8 68 Je!B

:m, w%L.H /%, [:O W Nu 8bOL wTGn V@OY. RA %:)

>L WLm! 68N NX KvH 9Ze& %CR ', RA |.ZB az! k

X 6!& kR v V@OY(9& ii, nO d; BN GB E}, Nu ;E s

BG kR GB /f).

nO 5^N

nO 5^NLu Zx, $%, /$ Nu nO AN<:M |CH 8: IGG }U

; ;UOY. 5^N L': nO [w; #bOB % gkGg @kANW%; m

/OT D0OB URLG O' }UTOY. Trust AuthorityB Trust Authority 3

!g O*G nO 5^N; vxUOY.

&4e $8 71

4758 O#- ZAN<-

IBM 4758 O#- ZAN<-B ANW!V !IQ /6 ]@ bIG O#- PCI

v: +eN- 6wL gkOB -m 0G bP:z +a:; 8eUOY. L Z

AN<-B IBM CCA(xk O#- F0X3) API& gkO) DES W RSA O

#-& wTQ O#- -q:G w}{N }U; &xUOY. DES W RSAB s

w{ O#- C:[!- !e N. gkGB Km.rTOY. W/* L O#-B

J+ -X- 6wL gkOB 0 |. f}L C:[!- @wA u k`Q NP

L Gb5 UOY. 0! UsGi Xg 0N O#-H %LM! O|w kbI v

5 Vb '.TOY. IBM 4758: Y=G bI; kX W/Q 0! kQ w}{

N 8#& .eUOY.

v |k Oe~n ;! zeH /v 0& gkQ 0G 3_ O#-

v >\# %LM kEG 8#

v /fR v VB *R W ANDOG ANW%{N 3$

v 9x R!IQ 0 [:; 8eOb 'Q Oe~n b] -v }:b gk

O#- AN<:B +e! ;eH 8H e!!- Lgn}OY. +e 3h fD:

FIPS PUB 140-19' 4 %XG v]Q d8gW; XvUOY. RA.~nB ;

eH 8H e!!- G`KOY.

Trust Authority!- 4758: CA -m 0 }: bI; &xUOY. 4758L }:

Q 0B 4758 6:M 0& gkQ 0 O#-& kX L +e! 8#UOY. CA

0B 0 zeR* 4758! zeI v V@OY.

4758: 1CgWLv8 AIX C'{!-8 gkR v VB Trust AuthorityG G

e 8:dRLb5 UOY.


:6. +e

:6. +eu k3 Ek+e )bG ^kk O#- e!& ;UOY. L +eB

Nu W 0& zeOB % gkI S8 FOs +e!- 3Nk 0& X&Ov J

m O#- 6[(/w -m); v`OB %!5 gkKOY. pg gkZ! :6.

+e Oe~n& W<:R v VB M: FOGN, Trust AuthorityB G& :6

. +e! gkGm VB M33 bIOB !s :6. +e& &xUOY.

Trust Authority ,sLp. gkZB !s W G& :6. +e! Nu; ze

R v V@OY. Trust Authority ,sLp. @kANW%G gkZ! Nu d;

; &bOi, 3Nk 0! gkZG !s GB G& :6. +e! zeKOY. N

uL BNGi L 0B gkZ!T G9A}OY. :6. +e! zeGB Nu:

+e! zeH 3Nk 0M ?OQ 0 D0Z& gkO) Xg 3Nk 0M ,|

I v V@OY.

CA W RA "": 3Nk 0M W! k@OB Z< -m Nu; Xg :6. +

e! zeUOY. LN NX, 3Nk 0& :6. +e \NN kbC0v Jm5

RAB ^Cv! -mR v Vm CAB CRL W Nu! -mR v V@OY.

Trust AuthorityB :6. +e ze5*! kQ PKCS #11 NMdL:& 8v

UOY.

(g

Trust Authority (g -jC:[: ]6 jw %X X9.57!- bzQ GegW

; b]8N Q 6! |C 8H NW& vxUOY. LB (g NW& 88 W |

.Om (g 9ZeG +a: !K; v`R v V5O UOY.

(g -jC:[: ,sLp. sLj/.M (g -vN Lgn. V@OY. (

g -vB BNH ,sLp.NNM (g L%.& vEOm +a: 8# (g N

W! L%.& bOUOY. pg (g 9ZeB DB2 %LM#L:! zeKOY.

(g L%. *C DO! bOKOY. (g 68 W 8m 58B DB2 UDB! &

xGn V@OY.

&4e $8 73

(g 9Ze

(g 9ZeB (g NW DB2 %LM#L:! zeKOY. (g NW!B (g

L%.6Y O*?G 9Ze! wTGn V@OY. (g NW %LM#L:B ]

6 jw %X X9.57!- d8OB /6 (v bI; vxOb 'X 3hH MT

OY. " (g 9ZeB OC x#N m/OT D0KOY.

(g L%.

Trust Authority (g L%.B 8H |C 8:)! _kQ gWL _}OB f

l! L& %COB 9ZeTOY. (g -vB ,sLp.NNM (g L%.&

vEO) +a: 8# (g NW! bOUOY.

Trust Authority (g L%.B Y= |VN PyKOY.

v 0 |. L%.

0G 8H |.M |CH L%.N-, Xg L%.! JdQ eR W C#! g

kZ!T &xKOY.

v Nu |. L%.

pvP NuG |.M p:d.G Nu W CRL! kQ $8& /v8vOB z

$!- }:H L%.TOY.

v 8H (v L%.

+a: !K, Nu W Nu /?: Ku nG 8H (v 8:)G v` z$!

- }:H L%.TOY.

v (g |.Z 6! L%.

(g |.ZG *Rz |CH 6! z$!- }:H L%.TOY. (g |.Z

G *R: 6wL gkOB 8H $%; 8vOB MTOY.

v RA L%.

RA! v`Q 6! z$!- }:H L%.

(g L%.! kQ Z<Q |m $8B 113 dLvG :(g L%. Je;& |

mOJC@.


(g L%. 6:)

Trust Authority!- (g L%. 6:)B (g -v! G&N |[GB (g L

%.& &nOb 'Q bI; &xUOY. 6:) v$! 5b ^v JB (g L

%.G 'S O' }UL V=; VGOJC@.

(g 6:) v$! kQ Z<Q ;k: 44 dLvG :(g 6:) v$;; |m

OJC@.

'S k 1C{ (g L%.

Jv{N (g L%. O' }UL V@OY. L }U: (g ,sLp. 8: D

OG 6:) v$! 5b; ^v J@OY. Jv W 1C{ (g L%.& G0O

Ai 113 dLvG %19& |6OJC@.

+a: !K

Trust AuthorityB (g 9Ze! qc!H v$L `Xvv JR=; .NOB 5

8& &xUOY. L 58& (g +a: !K 58sm UOY. +a: !K: q

c!H )3; fvOB %LM bP: 8#MB Y% bITOY.

(g -vB " 9Ze! -mOv J@OY. W kE, " 9Ze sG ^Cv N

u Ze(MAC)& hjOm |< %LM#L:! kQ MAC& /v8vUOY.

+ a : ! K : 8 : ! I Q I G T O Y . L b I ; g k O b ' X - B ,

AuditServer.ini 8: DO!- audit.log.integrity=true3$8N L bI; 0:

-X_ UOY. L E3/v /f! kQ Z<Q ;k: 48 dLvG :%LM#L

:! (g L%.& bOOB f} /f;; |mOJC@.

+a: @N

Trust Authority!- +a: @NLu 88H (g NW %LM#L:G -m; ;

UOY. L DO! kQ -m: Trust Authority (g 88 W -m mI` 58

& kX v`KOY.

&4e $8 75

(g NW 88

Trust AuthorityB (g 88 W -m mI` 58& kX 8inx 88 DO!

kX vg (g NWG 88; vxUOY.

DB2 %LM#L:

IBM DB2 Universal Database(DB2 UDB)B |h| %LM#L: |. C:[

8N- Java vx bI; wTQ % gk !I C:[TOY. Trust Authority!

- L C:[: Y= 8:)& v`UOY.

v pvP NuG nO AN<:! kQ $8& |.UOY.

v pvP Nu! kQ d;; BNOE* E}Ob 'X v`H RA 6!! kQ

$8& zeUOY. L $8B (g q{8N gkKOY.

v Trust Authority nO @kANW%G |]{N [w NO! kQ n5 kh&

&xUOY.

v Trust Authority CA, RA, (g -jC:[, p:d. W Trust Authority 8

: %LM& 'Q %LM#L:& &xUOY.

% -v

% -vB jslz ANW%8NNMG $8 Zx d;! @dOB -v ANW

%TOY. Trust AuthorityB L/Q W.v) .#hG; 'Q EZR v VB b

]; &xOb 'X IBM WebSphere<.G RA.~n &0; gkUOY.

WebSphere Application ServerW IBM HTTP -v 5r; : Trust Authority

!- % -v! bIOb 'X ON86& &xUOY.

Trust Authority C:[!-, % -v RA.~nB RAM ?OQ bh! V@O

Y. LM: 8#GB ANW%z Li; W<:OAm OB gkZ #! H|Q f

h& &xUOY. OL[X:. |[ ANd](HTTP W HTTPS)z SSL(Secure

Sockets Layer)bz; gkT8Na, % -v &0: ,sLp.M -v #G k

E; O#-R v V@OY. GQ, ,sLp. Nu; v`O) qc!H W<:*

%LM F[5; 7; v V@OY.


IBM WebSphere Application Server

IBM WebSphere Application Server(WAS)B % @kANW%G |.M |3

& kLOT Ob 'X pZNH Java @kANW% -vTOY. WASB jsl

zNNMG HTTP d;; 3.Om HTTP ANd]; gkO) HTML; YC

jslzN |^OB #:. % -v! 3!X_ UOY. WebSphere! 3!I ',

WebSphereB Xg #:. % -vG 8:; v$O) % -v! /$ d;; 3

.O5O OB kE Li d;L 3.& 'X WebSphereN fNgv$G5O U

OY. WASB #:. bh!- Java 3_ W 18S /f; LkUOY. L Java

/f: WebSphere! Trust Authority nO @kANW%L gkOB Java AN

W%; G`R v V5O UOY.

IBM HTTP Server

Trust Authority -vB 3--v, 3-w. p(; gkO) ,sLp. d;; 3.

UOY. gkZ 6w: IBM HTTP -vG \O N:O:& 3!Om YgQ !

s #:. L'z w.& 8:O) YgQ d; /|; 3.ObN 1C_; v5

V@OY.

L p(; gkO) Trust AuthorityB Y= /|G d;; 3.UOY.

v O#-* Nu; JdN Ov JB d;.

v O#- W -v Nu; JdN OB d;.

v O#-, -v Nu W ,sLp. Nu; JdN OB d;.

%13!-B L/Q 8: kHi; d`UOY.

% 13. IBM HTTP -vk 3--v, 3-w. p(

ANd] SSL -v Nu ,sLp. Nu \O IPG y

C w. x#

Y_ IPG y

C w. x#

HTTP R!I R!I R!I 80 80

HTTPS !I !I R!I 443 443

HTTPS !I !I !I 1443 443

IP 0m v$

NM] bz!-, 0m: -v! RgGn #:. bhG L'z -v& 8POB

L'TOY. 0m: C:[G 5^N L' C:[(DNS)! $GGn_ UOY.

&4e $8 77

p:d. -v

Trust AuthorityB IBM SecureWayp:d.& gkO) X.509 pvP Nu,

CRL(Nu kR qO), CA $%z nOGB -v W gkZ! kQ b8 $8&

zeUOY. L p:d. -vB p:d.!- /$ N0 GB -vG m/ DNL

* b8 |C $8& =vO) Xg N0L* -vG xk 0 Nu; #B % g

kKOY.

L -vB LDAP(f. p:d. W<: ANd]) %X; vxOg DB2 UDB&

b]8N gkUOY. 63| pU8N G`GB L -vB ,sLp./-v p(

; gkO) Trust Authority! -v! W<:R v VT Om, % b] NMdL

:& gkO) p:d.& 3$ W /v8vOE* p:d.G %LM& < v V

@OY. p:d.B b8 -vO v5 Vm Trust Authority& 'X /0w 3!

Om 8:Q -vO v5 V@OY. IBM SecureWay Trust Authority% gL.

G sLj/. dLv! VB Using the SecureWay Directory With Trust

Authority& |6OJC@.


@j'. D0Z

@j'. D0Z(OID)B @j'.M ,|H *8N Y% *iz 80 !IQ *

TOY. " ASN.1 $G OIDB Q ..G ke& |:UOY(DITM /g). @j

'. D0Z ..B Xg g.! ITU Ge X.680! GX RgH Mz O!OB

..TOY. $!i: Xg $!(F)G !!L* F)G 3w!)!- F)& Rg

R %SL VB |. b|(administrative authority)! XgUOY(N $!; ,

aOB <WU.).

..G " F)B }Z*N @j'. D0Z 8:dR! GX 9LmL Y)}O

Y. D0GB " @j'.!B $.OT Q 3G $!(O]{8N .A)L RgG

g, ?OQ $!! Y% @j'.(?OQ GB Y% /|G)! RgGv J@OY.

{s-, g.!- @j'.! RgH $!nv Q fN ;G pg F)! 9Lm

; YLB OCG }Z*(@j'. D0Z 8:dR)! GX, @j'.! m/Om

m.OT D0KOY.


http://www.ibm.com/software/security/trust

g. YN F!!B vg < 3G *L $GGn V@OY. Li: 0, 1 W 2TO

Y.

v 0: CCITT GegW! RgKOY.

v 1: ISO GegW! RgKOY.

v 2B N 6w! x?8N RgKOY.

9& in, p:d. %Xk8N 9`H pg OIDB 6N. CCITT/ISO * 2 F

!! @g, @j'. D0Z 8:dR 5! RgGz@OY. {s-, p:d. %X

@j'.G pg OIDB "Nn 2.5N C[KOY.

&4e $8 79

&5e |6gW

L e!-B Y=! kQ |6 $8! &xKOY.

v 8: DO

E3/v L', 3m W |D! kQ $8! wTKOY. Xg E3/v! Jv

Nv 1C{Nv )NM g8: !I )N& v$UOY.

v mI

L $8!-B Trust Authority mI` /?.<! gkGB 8. W E3/v

! kX 3mUOY.

v (g L%. Je

L }!-B Trust Authority (g L%.! wTGn VB $8& *-Om 3

mUOY.

v (g L%.

L }!-B (g L%.& *- W 3mOm L%.! JvNv GB 1C{

Nv& v$UOY.

v (g %LM#L: %LM

L }!-B (g L%. 9Ze! |h| %LM#L: WLm! zeGB f

}; 3mUOY. GQ, %LM! zeGB 9ZeG Je L'(GB WLm ;

G - L')z Je 3m W %LM |D; &xUOY.

8: DO

L }!-B Y= 8: DO! gkGB E3/v! kX 3mUOY.

v CA -v 8: DO jonahca.ini

v RA -v 8: DO jonahra.ini

v (g -v 8: DO AuditServer.ini

v (g ,sLp. 8: DO AuditClient.ini


DO 3m

8: DO; n 3G =G8N *)n. V@OY. " =G: k}# S! in

VB S.[(9: [section])N C[UOY. =G H!B, L'z * VG |D8N

H O* LsG vC.L V; v V@OY(9: parameter=value).

)b! %CH WLm: C:[ |.& 'X m}GB Trust Authority 8: DO

; 8:OB pg =Gz E3/v& D0UOY. Y=G -L %! gkGz@O

Y.

v E3/v

v 3m

v b; 8: DG *

L -: b;*; %CUOY(VB fl). b;*L VB fl!B Xg E3/

v! 1C{N MLg W8v J: fl!B JvTOY.

v b; 8: DG /f H| )N?

L -: v$H *G /f )N! |Q H;gW; &xUOY.

L C:[: xi; +CUOY. &CGB \' v$ZB CY% x-N *8*_

UOY.

CA -v 8: DO

83 dLvG %14!-B CA -v 8: DO jonahca.ini E3/v! kX 3m

UOY.


% 14. CA -v 8: DO

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

[OID] m/OT Wq; D0OB %X b] ^+Or

C= 9!! kQ OID 2.5.4.6 R!I

O= 6w! kQ OID 2.5.4.10 R!I

OU= 6w! kQ OID 2.5.4.11 R!I

CN= xk L'! kQ OID 2.5.4.3 R!I

L= v*! kQ OID 2.5.4.7 R!I

ST= sB! kQ OID 2.5.4.8 R!I

T= &q! kQ OID 2.5.4.12 R!I

id-dsa= DSA! kQ OID 1.2.840.10040.4.1 R!I

id-dsa-with-sha1= SHA-1!- DSA! kQ OID 1.2.840.10040.4.3 R!I

rsaEncryption= RSAO#-! kQ OID 1.2.840.113549.1.1.1 R!I

sha-1WithRSAEncryption= RSAO#-& wTOB SHA-1

! kQ OID

1.2.840.113549.1.1.5 R!I

sha1= SHA-1! kQ OID 1.3.14.3.2.26 R!I

hmac-sha1= SHA-1XCH ^Cv Nu Ze

! kQ OID

1.3.6.1.5.5.8.1.2 R!I

pkcs7-data= PKCS #7! kQ OID 1.2.840.113549.1.7.1 R!I

pkcs12-certbag= Nu i! kQ OID 1.2.840.113549.1.12.10.1.3 R!I

pkcs12-keybag= 0 i! kQ OID 1.2.840.113549.1.12.10.1.1 R!I

X509-Certificate= X.509Nu! kQ OID 1.2.840.113549.1.9.22.1 R!I

PasswordBasedMAC= O# b] MAC! kQ OID 1.2.840.113533.7.66.13 R!I

MyPolicy= CertPolicy =G!-

PolicyName1! kQ OID Wq

9

1.34.67.7 R!I

&5e

|6

gW

83

% 14. CA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

My Lite Policy= CertPolicy =G!-


9

2.4.1.0 R!I

[AsymmetricKeyAlgs]

DSA= DSA 0 Km.rG $G id-dsa R!I

RSA= RSA 0 Km.rG $G rsaEncryption R!I

[AsymmetricEncAlgs]

DSA= DSA O#- Km.r $G. id-dsa R!I

[AsymmetricSigAlgs]]

DSAwithSHA1= SHA-1 -m Km.r; wTO

B DSAG $G. GUI GB -v

& kQ %C W Km.r 1C!

gkKOY.

id-dsa-with-sha1 R!I

RSAwithSHA1= SHA-1 -m Km.r; wTO

B RSAG $G. GUI GB -v

& kQ %C W Km.r 1C!

gkKOY.

sha-1WithRSAEncryption R!I

[ObjectStore]

Name= CA %LM DO! gkGB DO

:[(.eZ x=)

caObjectStore R!I

Path= IBM SecureWay Trust

Authority CA DOL VB }k

fN

Windows NTG fl: c:\Program

Files\IBM\Trust Authority\etc\TrustAuthority\

AIX G fl: /usr/lpp/iau/etc/TrustAuthority/

R!I

[CertPolicy] " -m Km.r!B OID =G! 1pH Xg OID! Vn_ UOY. " $% L'!B OID =G! k@OB OID! Vn_ UOY.

84T

rustA

uthority:C

:[

|.

H;

-

% 14. CA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

SigAlg1= 9x0 -m Km.rG $G.

OID =G! k@OB WqL V

n_ UOY.


StartTimeSpecifiable= d;Z(RA! kQ ,sLp. #

<< GB CA! kQ RA)! C

[ C#; v$R v VBvG )

N.

T R!I

MaxLifeTime= NuG Vk vm(C#). 8760h R!I

LifeTimeDef= b; Nu vm(/%). 180d R!I

KeySpecifiable= d;Z(,sLp. GB #<<)!

V<G xk 0& v$R v VB

v )N

T R!I

KeyUsageSupported= 0 gk .eL vxGBvG )

N.

T R!I

KeyUsageRequired= 0 gk .eL JdQvG )N. F R!I

PolicyCritical= $%L _dX_ OBv )N. F R!I

PolicyRequired= $%L JvNv )N F R!I

PolicyName1= Ow $%G L'. OID =G!

k@OB OID! Vn_ UOY.

MyPolicy R!I

Policy1Org= Xg $%; JdN OB 6wG

L'

gkZG 6w R!I

Policy1Notice1= Policy1z ,|H Notice1 3 R!I


UserNoticeText1= EZ ksL P; }{ km. G

B VGgWz Gga$ bX

}{ km. GB VGgW R!I

&5e

|6

gW

85

% 14. CA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

CPS1= policy1G vC.; P; v VB

URL

http://localhost/index.html R!I

PolicyName2= Lw $% L'. L E3/v!

&CGB fl!B OID =G!

k@OB OID! Vn_ UOY.

My Lite Policy R!I


URL


TimeBetweenCRLs= :IYH CRL x% gLG b;

C#

1d !I

CRLDuration= CRL vm 2d !I

[CrossCertPolicy]

SigAlg1= 9x0 -m Km.rG $G.

OID =G! k@OB WqL V

n_ UOY.


StartTimeSpecifiable= d;Z(,sLp. GB #<<)!

C[ C#; v$R v VBv )

N

T R!I

MaxLifeTime NuG Vk vm 8760h R!I

LifeTimeDef NuG b; vm. 180d R!I


V<G xk 0& v$R v VB

v )N

T R!I


N.

T R!I


PolicyCritical= $%L _dX_ OBv )N F R!I

86T

rustA

uthority:C

:[

|.

H;

-

% 14. CA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?



k@OB OID! Vn_ UOY.

MyPolicy R!I

Policy1Org= Xg $%; JdN OB 6wG

L'

gkZG 6w R!I




B VGgWz Gga$ bX

}{ km. GB VGgW R!I


URL.


PolicyName2= Lw $% L'. My Lite Policy R!I

CPS2= Policy2vC.; P; v VB

URL.


TimeBetweenCRLs= :IYH CRL x% gLG b;

C#

1d !I

CRLDuration= CRL vm 2d !I

[General]

MyName= ,sLp. #<<G DN /C=US/O=Your Organization/OU=Trust

Authority/CN=Trust Authority CA

R!I

DefaultRA= b; RA 1 R!I

PreferredCryptoProvider= O#- &xZ! kQ GUID($

* m/ D0Z).

dda0c1e0-7b73-11d0-8e0c-0004ac602b18 R!I

CertperDP= Pj v! g Nu v 0 R!I

&5e

|6

gW

87

% 14. CA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

CRLDistName= Nu! pTGB Pj v!G L

'

MyCRLDistName%d R!I

TempPath= SC DO ze5*G fN. Windows NTG fl: c:\Program

Files\IBM\Trust Authority\etc\TrustAuthority\

AIX G fl: /usr/lpp/iau/etc/TrustAuthority/

R!I

PathToDLLs= PKIX sLj/.! zeGB f

N.

Windows NTG fl: c:\pkix\

AIX G fl: /usr/pkix/

R!I

RA1= Xg CA! kQ RAG DN. /C=US/O=Your Organization/OU=Trust

Authority/CN=Trust Authority RA

R!I

[Transport]

TCPPort= CA! ;kOB TCP w.. 1830 !I

TCPHost= CA! VB bhG #:. L'. gkZG #:. L' R!I

PollInterval= z5 #] 10s !I

[KeyStore]

CurKeyStore= gk _N KeyStore VSC R!I

[VSC] L E3/vB CurKeyStoreE3/v! VSC *L VB fl! JvTOY.

Model= gkGB ze5* /| PKCS11_STORAGE_MODEL R!I

Guid= $* m/ D0Z 7F529C80-C942-11D1-8FB0-0004AC61389A R!I

InitialSOpw= (g |.ZG Jb O# SOPIN R!I

TokenDir= !s :6. +e! kQ |< f

N W DO L'.

Windows NTG fN: c:\Program

Files\IBM\Trust

Authority\etc\TrustAuthority\caKS.fil

AIX G fl: /usr/lpp/iau/etc/TrustAuthority/caKS.

fil

R!I

88T

rustA

uthority:C

:[

|.

H;

-

% 14. CA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

4758GUID= 4758+e! kQ GUID. 474d0880-b44c-11d1-b1cf-002035680b00 R!I

Use4758= CA! 4758; gkOBvG )N

! kQ %Cb.

false R!I

4758ProfileUserid= 4758ANDOG gkZ ID.

Use4758=trueO fl!8 gk!

I.

IBMCA001 R!I

4758ProfilePassPhrase= 4758ANDO! kQ O#.


I.

Secure99 R!I

4758Retain= CA! 4758RetainIG; gkO

BvG )N. Use4758=trueO f

l!8gk!I.

false(RETAIN IG(GeGv J=)! kX-8

true)

R!I

4758KeyLength= 47580G fL. gk!IQ *:

512, 1024W 2048.


I.

512 R!I

[TrustPolicy]

UseCRLs= CRLW ARL; /?: Ku A

N<:! gkX_ OBv )N

T R!I

AllowExpiredCRLs= 8bH CRLG /? )N F R!I

AllowFutureCRLs= L!G /%& !vB CRLL /

?Qv )N

F R!I

AllowExpiredCertificates= 8bH NuG /? )N F R!I

AllowFutureCertificates= L!G NuL /?Qv )N F R!I

&5e

|6

gW

89

% 14. CA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

AllowCRLSearchToFail= Xg _`Z! kX- CRL GB

ARL; #v xOB fl! @y

Nv )N

F R!I

MaximumChainSearchDepth= x/{ !N l1 <N 8: _

ckGB Vk <N mL

15 R!I

[RemoteServer]

MaxSessions= 6$ E3/v 16 R!I

EncryptionPolicy= iWsne -vM Xg x] |

.Z! pN ?OQ C:[! 8

gOB fl, Q gL!- O#-

$%; gkR MNv )N

F R!I

NumAdmins= 8uGB |.Z v 0 R!I

Admin1DN= Administrator1G DN. gkGv J= R!I

[ICL]

IclOdbcProvider ODBC! kQ &xZ /|. UDB R!I

IclOdbcDriverConnect ICL! kQ %LM#L: L'. DSN=ibmdb R!I

MACLabel 0 zeR! VB MAC 0! k

Q 9Lm.

CA_MAC_Key R!I

[URLs]

/C%EQ%US/O%EQ%Your

Organization/OU%EQ%Trust

Authority/CN%EQ%Trust Authority

RA=pkix://localhost:829

L Wq: 8: C RAG URL

W DNz T2 3$KOY.

RA DN !I

90T

rustA

uthority:C

:[

|.

H;

-

RA -v 8: DO

92 dLvG %15!-B RA -v 8: DO jonahra.ini E3/v! kX 3mU

OY.

&5e |6gW 91

% 15. RA -v 8: DO

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

[OID]

C= 9!! kQ OID 2.5.4.6 R!I

O= 6w! kQ OID 2.5.4.10 R!I

OU= 6w \'! kQ OID 2.5.4.11 R!I

CN= xk L'! kQ OID. 2.5.4.3 R!I

L= v*! kQ OID. 2.5.4.7 R!I

ST= sB! kQ OID. 2.5.4.8 R!I

T= &q! kQ OID 2.5.4.12 R!I

id-dsa= DSA! kQ OID 1.2.840.10040.4.1 R!I

id-dsa-with-sha1= SHA-1!- DSA! kQ OID 1.2.840.10040.4.3 R!I

rsaEncryption= RSAO#-! kQ OID 1.2.840.113549.1.1.1 R!I

sha-1WithRSAEncryption= RSAO#-& wTOB SHA-1

! kQ OID

1.2.840.113549.1.1.5 R!I

sha1= SHA-1! kQ OID 1.3.14.3.2.26 R!I

hmac-sha1= SHA-1XCH ^Cv Nu Ze

! kQ OID

1.3.6.1.5.5.8.1.2 R!I

pkcs7-data= PKCS #7! kQ OID 1.2.840.113549.1.7.1 R!I

pkcs12-certbag= PKCS #12Nu i! kQ OID 1.2.840.113549.1.12.10.1.3 R!I

pkcs12-keybag= PKCS #120 i! kQ OID 1.2.840.113549.1.12.10.1.1 R!I

X509-Certificate= X.509Nu! kQ OID 1.2.840.113549.1.9.22.1 R!I

PasswordBasedMAC= O# b] MAC! kQ OID. 1.2.840.113533.7.66.13 R!I

MyPolicy= CertPolicy =G!-


9/

1.34.67.7 R!I

92T

rustA

uthority:C

:[

|.

H;

-

% 15. RA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

My Lite Policy= CertPolicy =G!-


9.

2.4.1.0 R!I

[AsymmetricKeyAlgs]

DSA= DSA 0 Km.rG $G id-dsa R!I

RSA= RSA 0 Km.rG $G rsaEncryption R!I

[AsymmetricEncAlgs]

DSA= DSA O#- Km.r $G. id-dsa R!I

[AsymmetricSigAlgs]]

DSAwithSHA1= SHA-1 -m Km.r; wTO

B DSAG $G. GUI GB -v

& kQ %C W Km.r 1C!

gkKOY.

id-dsa-with-sha1 R!I

RSAwithSHA1= SHA-1 -m Km.r; wTO

B RSAG $G. GUI GB -v

& kQ %C W Km.r 1C!

gkKOY.


[ObjectStore]

Name= RA %LM DO! gkGB DO

L'(.eZ x=).

raObjectStore R!I

Path= IBM SecureWay Trust

Authority RA %LM DOL V

B }k fN.

Windows NTG fl: c:\Program Files\IBM\Trust

Authority\pkrf\Domains\YourDomain\etc\

AIX G fl: /usr/lpp/iau/pkrf/Domains/

YourDomain/etc/

R!I

[IssuerCertPolicy]" -m Km.r!B OID =G! 1pH Xg OID! Vn_ UOY. " $% L'!B OID =G! k@OB OID! Vn_ U

OY.

&5e

|6

gW

93

% 15. RA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

SigAlg1= -m Km.rG $G. OID =G

! k@OB WqL Vn_ UO

Y.


StartTimeSpecifiable= d;Z(RA! kQ ,sLp. #

<< GB CA! kQ RA)! N

u C[ C#; v$R v VBv

G )N.

T R!I

MaxLifeTime= NuG Vk vm 8760h R!I

LifeTimeDef= b; Nu vm 180d R!I


V<G xk 0& v$R v VB

v )N

T R!I


N.

T R!I





k@OB OID! Vn_ UOY.

MyPolicy R!I

Policy1Org= 1w $%; JdN OB 6wG

L'

gkZG 6w R!I

Policy1Notice1= Policy1z ,|H Notice1. 3 R!I

Policy1Notice2= Policy2M ,|H Notice2. 17 R!I


B VGgWz Gga$ bX

}{ km. GB VGgW R!I

94T

rustA

uthority:C

:[

|.

H;

-

% 15. RA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

CPS1 policy1G vC.; P; v VB

URL


PolicyName2= Lw $% L'. L E3/v!

&CGB fl!B OID =G!

k@OB OID! Vn_ UOY.

My Lite Policy R!I


URL.


EERevokeRequests= ,sLp. #<<! Nu kR&

d;R v VBvG )N. ANY

B ,sLp. #<<! ZEL

d;Q NuG kR& d;R v

V=; GLUOY. NONE: ,

sLp. #<<! Nu kR&

d;R v x=; GLUOY.

SG R!I

[IssuerCrossCertPolicy]

SigAlg1= 9x0 -m Km.rG L'.

OID =G! k@OB WqL V

n_ UOY.


StartTimeSpecifiable= d;Z(,sLp. GB #<<)!

C[ C#; v$R v VBv )

N

T R!I


V<G xk 0& v$R v VB

v )N

T R!I


N.

T R!I


&5e

|6

gW

95

% 15. RA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?




k@OB OID! Vn_ UOY.

MyPolicy R!I

Policy1Org= 1w $%; JdN OB 6wG

L'

gkZG 6w R!I




B VGgWz Gga$ bX

}{ km. GB VGgW R!I

CSP1 Policy1vC.; P; v VB

URL.


PolicyName2= Lw $% L'. My Lite Policy R!I


URL.


EERevokeRequests= ,sLp. #<<! Nu kR&

d;R v VBvG )N. ANY

B ,sLp. #<<! n0Q

NuLg NuG kR& d;R

v V=; GLUOY. SELFB

,sLp. #<<! ZEL d;

Q NuG kR& d;R v V=

; GLUOY. NONE: ,sL

p. #<<! Nu kR& d;

R v x=; GLUOY.

ANY R!I

[General]

96T

rustA

uthority:C

:[

|.

H;

-

% 15. RA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

MyName #<<G 8P L'. /C=US/O=Your Organization/OU=Trust

Authority/CN=Trust Authority RA

R!I

Issuer1 L RAG CA! kQ 8P L'. /C=US/O=Your Organization/OU=Trust

Authority/CN=Trust Authority CA

R!I

Issuer1URL1 L RAG CA! kQ URL. pkix://servername:1830 !I

TempPath= SC DO ze5*G fN. Windows NTG fl: c:\Program Files\IBM\Trust

Authority\pkrf\Domains\YourDomain\etc\

AIX G fl: /usr/lpp/iau/pkrf/

Domains\YourDomain/etc/

R!I

PathToDLLs= PKIX sLj/.! 3!H fN. Windows NTG fl: c:\pkix\

AIX G fl: /usr/pkix/

R!I

[Transport]

TCPPort= RA! ;kOB TCP w.. 829 !I

TCPHost= RA! VB bhG TCP/IP #:

. L'.

gkZG #:. L' R!I

PollInterval= z5 #] 30s !I

RetryInterval= CA!- RAN |[GB z C#

L RAG vg Ch C#8Y L

& fl, RA! GQ CAG z.

#G C#.

1m !I

[KeyStore]

CurKeyStore= gk _N KeyStore VSC R!I

[VSC] L E3/vB CurKeyStoreE3/v! VSC *L VB fl! JvTOY.

Model= gkGB ze5* /| PKCS11_STORAGE_MODEL R!I

&5e

|6

gW

97

% 15. RA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

GUID= $* m/ D0Z 7F529C80-C942-11D1-8FB0-0004AC61389A R!I

InitialSOpw= (g |.ZG Jb O# SOPIN R!I

TokenDir= !s :6. +e! kQ |< f

N W DO L'.

Windows NTG fl: c:\Public Files\IBM\Trust

Authority\pkrf\Domains\YourDomain\etc\raKS.fil

AIX G fl: /usr/lpp/iau/pkrf/Domains/

YourDomain/etc/raKS.fil

R!I

[TrustPolicy]

UseCRLs= CRLW ARL; /?: Ku A

N<:! gkX_ OBv )N

T R!I

AllowExpiredCRLs= 8bH CRLG /? )N F R!I

AllowFutureCRLs= L!G /%& !vB CRLL /

?Qv )N

F R!I

AllowExpiredCertificates= 8bH NuG /? )N F R!I

AllowFutureCertificates= L!G NuL /?Qv )N F R!I

ApplyNameConstraintsToEEOnly= <NG pg Nu! L' &`;

{kR MNv GB 6v7 Nu

!8 {kR MNv )N

F R!I

AllowCRLSearchToFail= Xg _`Z! kX- CRL GB

ARL; #v xOB fl! @y

Nv )N

F R!I

MaximumChainSearchDepth= x/{ !N l1 <N 8: _

ckGB Vk <N mL

15 R!I

[LDAP]

NumServers= LDAP-vG v 1 R!I

98T

rustA

uthority:C

:[

|.

H;

-

% 15. RA -v 8: DO (hS)

E3/v 3m b; 8: DG * 8: DG /f

H| )N?

Server1= LDAP-vG #:. L' W w

. x#

hostname:port !I

PostInterval= p:d.! %CR $8! VBv

.NOb 'Q !K #].

5m !I

[RemoteServer]

MaxSessions= 6$ E3/v 16 R!I

EncryptionPolicy= iWsne -vM Xg x] |

.Z! pN ?OQ C:[! 8

gOB fl, Q gL!- O#-

$%; gkR MNv )N

F R!I

NumAdmins= 8uGB |.Z v 0 R!I

Admin1DN= Administrator1G DN. gkGv J= R!I

CurrentAdminPort vg |. w.. gkGv J= R!I

[ICL]

IclOdbcProvider ODBC&xZ /| UDB R!I

IclOdbcDriverConnect ICL! kQ %LM#L: L'. DSN=pkrfdb R!I

[URLs]

/C%EQ%US/O%EQ%Your

Organization/OU%EQ%Trust Authority/

CN%EQ%Trust Authority

CA=pkix://localhost:1830

L Wq: 8: C CAG URL

W DNz T2 3$KOY.

CA DN !I

&5e

|6

gW

99

(g -v 8: DO

(g -v 8: DON AuditServer.iniB (g -vG 8: /v& v$UOY. L

/vi: -vG b; n5 /!; 8:Om pvW W @y ^Cv! kQ NW

f}; v$UOY. L /vi: NWI L%.& &nOb5 UOY. Y= }!-

B 102 dLvG %16G Wq! kQ _! $8& &xUOY.

v O] -q: Zi/ E3/v

v L%. I"5 9'

v _{ 9'

O] -q: Zi/ E3/v

Y= -q: Zi/ E3/vB " -q:! kX gkR v V@OY.

v service.count -gk !IQ -q:G v

v service.x.name --q:G L'

v service.x.classname --q:G ,!: L'

v service.x.dpolicy -|^ $%G ,!: L'

v service.default.count -b; -q:G v

v service.default.x.name -b; -q:G L'

L%. I"5 9'

@kANW% L%.G I"5 9': Y=z 0@OY.

v 1 - PP s2 %C. C:[ gk R!I

v 2 - oC 3$Gn_ OB s2 %C(9: %LM#L: Us)

v 3 - El _dQ s2 %C(9: Oe e! @y)

v 4 - @y s2 %C

v 5 - fm ^Cv %C

v 6 - /0Q 3.& JdN OB s2 %C. @y s2: FT

v 7 - O]{N $8 ^Cv %C

_{ 9'

_{ 9': Y=z 0@OY.

v pN - @y, fm, $8 W L%. _{ ^Cv bO


v @y - @y ^Cv bO

v fm - @y ^CvM fm ^Cv bO

v L%. $8 - @y ^CvM L%. _{ ^Cv bO

v x= - F+ ^Cv5 bOOv J=

&5e |6gW 101

% 16. (g -v 8: DO

E3/v 3m b;* 8: DG /f

H| )N?

-v w.

acceptor.classname= vkb ,!:G L' com.ibm.irg.sysmgmt.daemon.acceptors.SMSocketAcceptorR!I

acceptor.arg= (g -v! ;k! gkOB w. 7222 !I

acceptor.init.retries= -v RO! kQ ,a C5 =v 3 !I

acceptor.init.delay= ,a C5 gLG kb C#(J) (A

NW%: J& gkUOY.)

3 !I

-q: Zi/

service.count= gk !IQ -q:G v 2 R!I

NW -q:

service.1.name= NW -q:G L' log R!I

service.1.classname= NW -q:G ,!: L' com.ibm.irg.sysmgmt.daemon.services.log.SMLogService R!I

service.1.dpolicy= NW -q: |^ $%G ,!: L

'

com.ibm.irg.sysmgmt.daemon.services.log.

SMLogDeliveryPolicy

R!I

(g -q:

service.2.name= (g -q:G L' audit R!I

service.2.classname= (g -q:G ,!: L' com.ibm.irg.sysmgmt.daemon.services.audit.SMAuditServiceR!I

service.2.dpolicy= (g -q: |^ $%G ,!: L

'

com.ibm.irg.sysmgmt.daemon.services.audit.

SMAuditDeliveryPolicy

R!I

b; -q:

service.default.count= gk !IQ b; -q:G v 2 R!I

service.default.1.name= b; -q:G L' log R!I

service.default.2.name= b; -q:G L' audit R!I

L%. 8:

irgsmd.event.config= L%. 8: DO smevents.conf R!I

102T

rustA

uthority:C

:[

|.

H;

-

% 16. (g -v 8: DO (hS)

E3/v 3m b;* 8: DG /f

H| )N?

L%. NW

event.log.filename= L%. 83k DO Windows NTG fl: c:\\Program Files\\IBM\\Trust

Authority\\logs\\smevents.log

AIX G fl: /usr/lpp/iau/logs/smevents.log

!I

event.log.append= L%. NW& _!R MNv GB

cD5 MNv )N& %COB C!

W

true !I

event.log.severity.min= L%. NW -q:! vxOB L%

.G VR I"5

1 !I

event.log.severity.max= L%. NW -q:! vxOB L%

.G Vk I"5

7 !I

(g

audit.ksfile= (g KeyStore DO. L DO: (

g O#- 0& zeOB % gkK

OY.

R!I

audit.catalog NLS+;NW DOG DO L' Windows NTG fl: c:\\Program Files\\IBM\\Trust

Authority\\catalog\\IRGVDS.DLL

AIX G fl: /usr/lpp/iau/catalog/IRGVDS.cat

R!I

audit.db.instance= (g DB2 N:O:G L' R!I

audit.db.name= (g %LM#L:G L' R!I

audit.db.connection= %LM#L: ,a |.& 'Q Km

.r

single R!I

audit.log.connect.retries= %LM#L:/NW DO! ,aOb

'Q gC5 ck =v

3 !I

&5e

|6

gW

103

% 16. (g -v 8: DO (hS)

E3/v 3m b;* 8: DG /f

H| )N?

audit.log.update.retries= (g NW& w%L.Ob 'Q gC

5 ck =v

3 !I

audit.log.timeout (g NW& w%L.Ob 'Q C#

>a *.

60s !I

audit.log.integrity= +a: !K 0:- GB q0:- true !I

_{

trace.enable= _{; 0:- GB q0:-Ob '

Q C!W

true !I

trace.level.name= _{ 9'; *8;B L' all !I

trace.event.enable= L%. _{ 0:- GB q0:- true R!I

trace.log.filename= _{ NW DO L' Windows NTG fl: c:\\Program Files\\IBM\\Trust

Authority\\logs\\iausmd.log

AIX G fl: /usr/lpp/iau/logs/iausmd.log

!I

trace.log.append= b8G _{ DO! _!R MNv

)N& %COB C!W

true !I

@y

error.log.filename= @y DOG L' Windows NTG fl: c:\\Program Files\\IBM\\Trust

Authority\\logs\\iausmd.err

AIX G fl: /usr/lpp/iau/logs/iausmd.err

!I

104T

rustA

uthority:C

:[

|.

H;

-

(g ,sLp. 8: DO AuditClient.ini

(g ,sLp. 8: DON AuditClient.iniB (g ,sLLp.G 8: /v&

v$UOY.

&5e |6gW 105

% 17. (g ,sLp. 8: DO

E3/v 3m b;* 8: DG /f H| )

N?

,a 3$

GLOBAL noname

EnableAudit= (g L%. 0:- GB q0:- true R!I

HostName= (g -v #:. gkZG #:. L' !I

Port= (g -v w. 59998 !I

AuthType= Nu ^?Or x= R!I

UseSSL= ,sLp./-v <G! SSL; gkX_

UOn? wD gk; 'X.

R!I R!I

SSLKeyDB= SSL0 %LM#L:. wD gk; '

X.

AIX G fl: /usr/lpp/iau/audit/client/ssl.kdb

Windows NTG fl: c:\Program

Files\IBM\Trust Authority\audit\client\ssl.kdb

R!I

SSLv2Token= SSL0 %LM#L: d+. wD gk;

'X.

d+ R!I

Retries= L%. |[ C5 =v 1 !I

8:dR 6:) =G

[CA]

ExcludedEvents= |[Gv J; CA L%. !I

[RA]

ExcludedEvents= |[Gv J; RA L%. ReceiptOfCertRequest !I

106T

rustA

uthority:C

:[

|.

H;

-

mI` /?.<

L }!-B Y=G mI` /?.<! gkGB 8. W E3/v& 3mUOY.

v CA Nu /?.<

v RA gkZ /?.< _!

v (g 88 W -m /?.<

v (g +a: !K /?.<

CA Nu /?.<

CA Nu /?.<B s# NuL* h~{ EZ p( _ O*& gkO) Trust

Authority CA(Nu b|) kE Y% CANNM Nu; d;R v V5O UOY.

8.

L /?.<!B Y= 8.L gkKOY.

CaCertRq[-i ipAddressMask [-I ipAddressMask]][-d dns [-D dns]][-m emailAddress [-M emailAddress]][-u uri [-U uri]][-n directoryName [-N directoryName]][-p inhibitPolMap][-h ]-r preregistrationpath-P 1835password

E3/v

O#

g|nO DOL }:I ' TBH O#

C!W:

[-i ipAddressMask[-I ipAddressMask]]

CDIF |D8N v$H IP(NM] ANd]) VR 6:). R.Z E3/v(-i)B

v$H VR IP VR 6:)& ckH -j.. qO! _!UOY. k.Z E

3/v(-I)B v$H IP VR 6:)& &\H -j.. qO! _!QYB !

; &\Om R.Z E3/vM ?OUOY.

&5e |6gW 107

9& ii, 6w XG 6:)B 9.0.0.0/255.0.0.0L Gm 6w X! VB N-

YG vg 6:)B 9.210.134.0/255.255.254.0L GB DTOY.

[-d dns [-D dns]]

DNS(5^N L' -v) VR. R.Z E3/v(-d)B v$H DNS VR& c

kH -j.. qO! _!UOY. k.Z E3/v(-D)B v$H DNS VR

& &\H -j.. qO! _!QYB !; &\Om R.Z E3/vM ?

OUOY.

VR! 6'%N C[OB fl!B Xg NS .Z-(″.″ wT)N !*B p

g #:.& *8;B MLg, DNS VR! 6'%N C[Ov JB fl!

B Xg .Z-z O!OB #:.8; *8;B MTOY.

9& in ″.orga.com″LsB &`: us.orga.com, vneto.orga.com,

w3.software.orga.comn: wTOv8, orga.com(GB kidorga.com)Z<B

wTOv J@OY. orga.comLsB &`: orga.com; wTOG us.orga.com

n: wTOv J@OY. ″.″N C[Ov JB, ckH -j..B O*G !

IQ ke8; *8@OY.

[-m emailAddress[-M emailAddress]]

|Z lm VR. R.Z E3/v(-m)B v$H |Z lm VR& ckH -

j.. qO! _!UOY. k.Z E3/v(-M)B v$H |Z lm VR&

&\H -j.. qO! _!QYB !; &\Om R.Z E3/vM ?OU

OY.

|Z lm VRB %X |D(MOe+e x=)8N 8:GE* DNS VRM ?

OR v V@OY. DNS VR& v$OB fl! gkGB T": -d IG!

- *-Q Mz ?OUOY. %X |Z lm VR& wTQ ckH -j..

B O*G !IQ gkZ8; *8@OY.

[-u uri [-U uri]]

URI. R.Z E3/v(-u)B v$H URI& ckH -j.. qO! _!UO

Y. k.Z E3/v(-U)B v$H URI& &\H -j.. qO! _!QY

B !; &\Om R.Z E3/vM ?OUOY.


URI(UO Zx D0Z)G ke NP: IP VR! wTGn Vv J: Q -d

IG!- *-Q Mz ?OQ T"; {s_ Og, IP VR! wTGn VB

fl!B WM $.w O!OB M8N k^KOY.

[-n directoryName[-N directoryName]]

p:d. L'. R.Z E3/v(-n)B v$H p:d. L'; ckH -j.

. qO! _!UOY. k.Z E3/v(-N)B p:d. L'; &\H -j

.. qO! _!QYB !; &\Om R.Z E3/vM ?OUOY.

L L': %X LDAP |D! {s_ UOY. &`!- &xH RDN(sk{

8P L') ""z O!OB L': n2 Y% RDNL &CH fls5 Xg

&`z O!OB M8N #VKOY.

-r preregistrationpath

_` C:[! GX }:H g|nO DOG fN L'.

-P 1835

1835N CAG |. w. x#.

-p inhibitPolMap

inhibitPolicyMapping .e JeG *.

L IGL &CGv JB fl L JeG b;*: 1TOY.

-h Nu d;L h~ EZ p(; gkO5O v$UOY.

RA gkZ /?.< _!

RA gkZ _! /?.<B v$H Trust Authority nO 5^N! RA |. g

kZ(GB RA |.Z)& _!R v V5O UOY.

8.

add_rauser domainconfigfile yourdomain credentialUUID accessProfile

E3/v

domainconfigfile

domain.cfg DONG }k fN. L DO!B C:[! 8:H " nO 5^

N! kQ =GL in V@OY. v$H nO 5^NG !s g. p:d.

& #B % gkKOY.

&5e |6gW 109

yourdomain

_!H RA |.Z! |.OB nO 5^N.

credentialUUID

/$ Nu d;z ,|H m/ D0Z. O]{N UUIDG \|: Y=z 0@

OY.

sp0ApHvpzvCicr1Ts8ssKw==

accessProfile

C:[! _!R RA |.ZM ,|H W<: ANDO. LM: Trust Authority

nO |. 8: DO _ O*! v$H /?Q ANDOLn_ UOY. L A

NDO: ,|H RA |.Z! v`R v VB 68, 6! nG /|; *-

UOY.

(g 88 W -m /?.<

(g 88 W -m /?.<& kX (g NW DO; 88Om -mR v V@O

Y.

8.

AuditArchiveAndSign [-c ConfigFile Path] [-n]ArchiveFileName

E3/v

-c ConfigFilePath

(g -v 8: DOG }k fN L'

v AIX !-G b; fN: /usr/lpp/iau/etc/TrustAuthority/AuditServer.ini

v Windows NT!-G b; fN : c: \Program Files\IBM\Trust

Athority\etc\TrustAuthority\AuditServer.ini

-n (g 9Ze! %LM#L:!- h&Gv J5O v$UOY.

ArchiveFileName

(g NW! bOGB DO L'G "Nn. /?.<B 88 W -m DO!

"" .ixf W .sig .eZ& _!UOY.


(g +a: !K /?.<

(g +a: !K /?.<B 88H (g 9Ze W (g -v %LM#L:! k

X +a: !K; v`UOY. L 58B Xg C:[!- +a: !KL 0:-G

n VB fl!8 ?z{TOY. L mI! gkGB 8.: Y=G |D; kU

OY.

v |D 1

L |D: (g -v %LM#L:G +a:; !KOm (g |.Z O#& d

8OB ARA.& %CUOY.

v |D 2

L |D: O* LsG (g -v 88 DO! kQ +a:; !KOm (g |

.Z O#& d8OB ARA.& %CUOY.

v |D 3

L |D: v$H p:d. F!! VB pg 88 DOG +a:; !KOm

(g |.Z O#& d8OB ARA.& %CUOY.

8.

|D 1:

AuditIntegrityCheck [-c ConfigFilePath] -d

|D 2:

AuditIntegrityCheck [-c ConfigFilePath] -aArchiveFileName1 ArchiveFileName2ArchiveFileName3

|D 3:

AuditIntegrityCheck [-c ConfigFilePath] -AArchiveFileDirectory

E3/v

-c ConfigFilePath

(g -v 8: DOG }k fN L'

v AIX !-G b; fN: /usr/lpp/iau/etc/TrustAuthority/AuditServer.ini

&5e |6gW 111

v Windows NT!-G b; fN : c: \Program Files\IBM\Trust

Authority\etc\TrustAuthority\AuditServer.ini

-a ArchiveFileName1 ArchiveFileName2 ArchiveFileName3

+a: !K ksN 88 DOG fN L' "Nn. "NnB 88z ,|H

DO <.& *8@OY.

9& in, mI -a /local/archive/archive1-1067: Y=z 0L fN L' "

Nn! /local/archive/archive1-1067N )/ DOi; AN<:UOY.

/local/archive/archive1-1067_audit_log.ixf/local/archive/archive1-1067_audit_log.sig

-A ArchiveFileDirectory

+ a : ! K k s N 8 8 D O L i n V B p : d . G f N L ' .

_audit_log.ixf W _audit_log.sig& wTOB pg DOL 3.KOY.


(g L%. Je

%18B Trust Authority (g L%.! wTGn VB $8& *-Om 3mUO

Y.

% 18. (g L%. Je

Je L' 3m

L%. L' (g ,sLp.! d+8N v$Q L%. D

0Z

5b^B #<< (g L%.! |[GB q{ 6!! 5b^B

#<<. (g ,sLp.! v$UOY.

5b^B #<< /| 5b; ^B #<<G /|. (g ,sLp.!

v$UOY.

BNH #<< n5 GQL N)H #<<. (g ,sLp.!

v$UOY.

BNH #<< *R BNH #<<G *R

ze E< {k !IQ fl, n5! |CGB ze E<.

(g ,sLp.! v$UOY.

_! $8 n5! |CH _! $8. (g ,sLp.!

v$UOY.

(g L%.

%19!-B Trust Authority (g L%.& *- W 3mOm LiL JvNv G

B 1C{Nv& vCUOY.

% 19. (g L%.

L%. 3m Jv GB 1C

0 |.

KeyGeneration O#- 0! }:Gz=; vCUOY. Mandatory

KeyImport O#- 0! IBM SecureWay Trust

AuthorityN ]TGz=; vCUOY.

1C

KeyExport O#- 0! IBM SecureWay Trust

Authority!- ]bGz=; vCUOY.

1C

KeyStorage O#- 0! zeGz=; vCUOY. Mandatory

KeyRollover O#- 0! ?OQ q{! gkGB uNn

0N k<Gz=; vCUOY.

1C

&5e |6gW 113

% 19. (g L%. (hS)

L%. 3m Jv GB 1C

KeyCompromise O#- 0! UsGz=; vCUOY. Mandatory

CAKeyDistribution CAG xk 0! p:d.! 2)3=; vC

UOY.

Mandatory

Nu |.

CertGeneration NuL }:Gz=; vCUOY. Mandatory

CertRevocation NuL kRGz=; vCUOY. Mandatory

CertRenewal NuL ;EGz=; vCUOY. Mandatory

CertSuspension NuL OC _\Gz=; vCUOY. Mandatory

CertResumption L|! OC _\H NuL 0:-Gz=; v

CUOY.

Mandatory

CRLQuery Nu kR qO(CRL)L Pt3=; vCUO

Y.

Mandatory

CRLUpdate Nu kR qO(CRL)L ;EGz=; vCU

OY.

Mandatory

SubmitCertRequest Nu d;L &bGz=; vCUOY. Mandatory

8H (v

SuccessfulAuthWithPasswordO#& gkOB Nu C5! :x_=; vC

UOY.

Mandatory

UnsuccessAuthWithPasswordO#& gkOB Nu C5! GP_=; vC

UOY.

Mandatory

SuccessfulAuthWithCert Nu; gkOB Nu C5! :x_=; vC

UOY.

Mandatory

UnsuccessfulAuthWithCert Nu; gkOB Nu C5! GP_=; vC

UOY.

Mandatory

SuccessfulCertValidation g. CAG Nu! L#B |< Nu <NL

KuGz=; vCUOY.

Mandatory

UnsuccessfulCertValidation g. CAG Nu! L#B |< Nu <NL

+?-Gz=; vCUOY.

Mandatory

PasswordChange O#& /fOAB C5! :x_=; vCUO

Y.

Mandatory

ACLUpdate W<: &n qO(ACL)!/!- gkZ GB

#<<! _!/&EGz=; vCUOY.

Mandatory

SuccessfulIntegrityCheck q IBM SecureWay Trust Authority8:d

RMG .#hG8N NQ (g 9ZeG +a

: !K C5! :x_=; vCUOY.

Mandatory


% 19. (g L%. (hS)

L%. 3m Jv GB 1C

UnsuccessfulIntegrityCheck q IBM SecureWay Trust Authority8:d

RMG .#hG8N NQ(g 9ZeG +a:

!K C5! GP_=; vCUOY.

Mandatory

SuccessfulAcquirePrivilege IBM SecureWay Trust Authority0 zeR

! kQ /$ 9'G W<:& 9fOAB C

5! :x_=; vCUOY.

Mandatory

UnsuccessfulAcquirePrivilege IBM SecureWay Trust Authority0 zeR

! kQ /$ 9'G W<:& 9fOAB C

5! GP_=; vCUOY.

Mandatory

8H dx 6!

SOAdd C:[! (g |.Z! _!Gz=; vCUO

Y.

Mandatory

SODelete C:[!- (g |.Z! h&Gz=; vCU

OY.

Mandatory

AudEventMaskChange ,sLp.! -v! |[R v VB (g L

%. <.& $GOB 6:)! /fGz=;

vCUOY.

Mandatory

CACrossCertRequest s# NuGB CA NuL d;Gz=; vC

UOY.

Mandatory

CAHierarchicalCertReq h~{8N NuGB CA NuL d;Gz=;

vCUOY.

Mandatory

RA L%.

ReceiptOfCertRequest RA! Nu d;; vE_=; vCUOY. Mandatory

ReceiptOfRevocationRequest RA! Nu kR d;; vE_=; vCUO

Y.

Mandatory

ReceiptOfRenewalRequest RA! Nu ;E d;; vE_=; vCUO

Y.

Mandatory

RequestApproval RA! Nu d;; BN_=; vCUOY. Mandatory

RequestRejection RA! Nu d;; E}_=; vCUOY. Mandatory

RequestCompletion Nu d;L OaGz=; vCUOY. Mandatory

&5e |6gW 115

(g %LM#L: %LM

Trust Authority (g %LM#L:B ]6 -q: jw %X X9.57!- xk 0

O#-! kX bzQ GegW; b]8N Q :06& gkUOY. L }!-B

Y=G %LM#L: WLm; 3mUOY.

V: L }! p^GB (g 9ZeG Je L': %LM#L: WLm!- - L

'! XgUOY.

v 0

-m, O#- W MAC(^Cv Nu Ze) }:! gkGB 3Nk/qP 0! k

Q &n WLmTOY.

v L%. I"5(event_severities)

L WLm: pg L%.G I"5& bzUOY.

v L%. &n(event_ctl)

L WLm: (gI v VB pg L%.& bzUOY.

v R:

L WLm: pg L%.G R: qO; 8/UOY.

v BNH #<<(auth_entities)

L WLm: BNH pg #<<G qO; 8/UOY.

v 5b^B #<< /|(afctd_entity_types)

L WLm: BNH pg *RG qO; 8/UOY.

v BNH *R(auth_roles)

L WLm: BNH #<<G pg *R qO; 8/UOY.

v 8:dR /|(component_types)

L WLm: pg 8:dR /|; 8/UOY.

v (g NW(audit_log)

(g NW 9Ze& 'Q V WLmTOY.

v C:[

L WLm!B |< (g C:[! {kGB $8! wTGn V@OY. L W

Lm!B `L O*8 V@OY.


0 WLm

0 WLm: (g -jC:[L gkOB pg O#- 0! kQ $8& 8/UO

Y.

% 20. 0 WLm Je

Je 3m %LM /|

key_id 0G ;N m/ D0Z smallint

alg_oid 0M ,|H Km.r varchar

label G& 0& #B % gkGB KeyStore

9Lm GB d+

varchar

integrity L JeB 9ZeG +a:; /vOB

% gkKOY.

q. %LMk varchar

L%. I"5 WLm

L WLm: L%. I"5! kQ $8& 8/UOY. Pb |k WLmLg 3

! W 8: _! NeKOY.

% 21. L%. I"5 WLm Je

Je 3m %LM /|

severity_id L%. I"5G ;N m/ D

0Z

smallint

severity_desc I"5& bzOB NLS(Z9n

vx) .Z-

varchar

L%. &n WLm

L%. &n WLm: (g ,sLp.! (g -vN |[R v VB pg L%

.! kQ $8& 8/UOY. Pb |k WLmLg 3! W 8: _! NeKO

Y.

% 22. L%. &n WLm Je

Je 3m %LM /|

event_id L%.G m/ D0Z smallint

event_desc L%.G 8b !IQ 3m. L

JeB %C q{8N gkR

v V@OY.

varchar

&5e |6gW 117

% 22. L%. &n WLm Je (hS)

Je 3m %LM /|

event_key L%.& D0Om 3mOB *

: m/ .Z-. Java Zx x

iL gkUOY.

varchar

event_severity_id Xg L%.G I"5 ID.

event_severitiesWLm! kQ

\N 0TOY.

smallint

R: WLm

R: WLm: pg (g ,sLp.G qO; 8/UOY. (g ,sLp.B (

g L%.& }:OB Trust Authority 8:dRTOY.

% 23. R: WLm Je

Je 3m %LM /|

source_id (g ,sLp.G m/ D0Z smallint

source %C q{8N gkI v VB

(g ,sLp.G D0Z. k

NPG fl!B (g ,sLp

.G DNTOY.

varchar

integrity L JeB 9ZeG +a:;

/vOB % gkKOY.

q. %LMk varchar

BNH #<< WLm

L WLm: BNH pg #<<G qO; 8/UOY. BNH #<<u (g L

%. }: 6[; c!OB #<<& ;UOY.

% 24. BNH #<< WLm Je

Je 3m %LM /|

auth_entity_id BNH #<<G ;N m/ D

0Z

smallint

auth_entity_desc %C q{8N gkI v VB

BNH #<<G D0Z. kN

PG fl!B BNH #<<G

DNTOY.

varchar


/vOB % gkKOY.

q. %LMk varchar


BNH *R WLm

L WLm: BNH #<<G *R! kQ $8& 8/UOY. Pb |k WLm

Lg 3! W 8: _! NeKOY.

% 25. BNH *R WLm Je

Je 3m %LM /|

auth_role_id BNH *RG ;N m/ D0

Z

smallint

auth_role_desc BNH *R; 3mOB NLS

.Z-

varchar

5b^B #<< /| WLm

L WLm: 5b^B #<<G YgQ /|! kQ $8& 8/UOY. 5b^B

#<<u (g L%.G }: 6[! 5b; ^B #<<& ;UOY. Pb |k

WLm: 3! W 8: C! NeKOY.

% 26. 5b^B #<< /| WLm Je

Je 3m %LM /|

afctd_entity_id 5b^B #<< /|G ;N

m/ D0Z

smallint

afctd_entity_desc 5b^B #<<& 3mOB

NLS .Z-

varchar

8:dR /| WLm

L WLm: (g ,sLp.G 8:dR /|! kQ $8& 8/UOY. Pb |

k WLmLg 3! W 8: _! NeKOY.

% 27. 8:dR /| WLm Je

Je 3m %LM /|

component_type_id 8:dR /|G ;N m/ D

0Z

smallint

component_desc 8:dR /|; 3mOB

NLS .Z-

varchar

&5e |6gW 119

(g NW WLm

(g NW WLm!B (g 9Ze! wTGn V@OY.

% 28. (g NW WLm Je

Je 3m %LM /|

serial_num (g 9ZeG m/ OC x# smallint

src_date_time Xg R:((g ,sLp.)!

L%.& }:Q C#; mCO

B C# RN

C# RN

cr_date_time (g -v! (g 9Ze& [

:Q C#G C# RN

C# RN

event_id L%.G ;N D0Z.

event_ctl WLm! kQ \N

0TOY.

smallint

source_id Xg L%.& }:Q R:G

;N D0Z. R: WLm! k

Q \N 0TOY.

smallint

component_type_id Xg L%.& }:Q R:G

8:dR /|; *8;B ;N

D0Z. component_typesWL

m! kQ \N 0TOY.

smallint

auth_entity_id L%.& c!Q #<<G ;N

D0Z. auth_entitiesWLm!

kQ \N 0TOY.

smallint

auth_role_id L%.& c!Q #<<G *R

; *8;B ;N D0Z.

auth_entitiesWLm! kQ \

N 0TOY.

smallint

afctd_entity L%.! 5b^B #<< /|

G L' GB DN

varchar

afctd_entity_id L%.! 5b^B #<< /|

G ;N D0Z

smallint

storage_media (g L%.M ,|H ze5*

E<

varchar

extra_info (g L%.M ,|H _! $

8

varchar


% 28. (g NW WLm Je (hS)

Je 3m %LM /|

sig_key_id +a: Je& }:OB % g

kGB 0G ;N D0Z. 0

WLm! kQ \N 0TOY.

smallint

enc_key_id Xg 9Ze!- 1CH Je&

O#-OB % gkGB 0G

;N D0Z. 0 WLm! kQ

\N 0TOY. vg 1.:G

Trust Authority!-B n2 J

e5 O#-Gv J@OY.

smallint


/vOB % gkKOY.

q. %LMk varchar

C:[ WLm

C:[ WLm: (g %LM#L:! kQ sB $8& 8/UOY.

% 29. C:[ WLm Je

Je 3m %LM /|

first_sn audit_log! VB 9 x0 (g

9ZeG OC x#.

$v

next_sn audit_log! VB Y= (g

9ZeG OC x#.

$v

audit_int audit_logWLmG +a:;

/vOB % gkKOY.

q. %LMk varchar

archive_int archive_ctlWLmG +a:;

/vOB % gkKOY.

q. %LMk varchar

events_int events_ctlWLmG +a:;

/vOB % gkKOY.

q. %LMk varchar

auth_ent_int auth_entitiesWLmG +a:

; /vOB % gkKOY.

q. %LMk varchar

auth_role_int auth_rolesWLmG +a:;

/vOB % gkKOY.

q. %LMk varchar

sources_int R: WLmG +a:; /vO

B % gkKOY.

q. %LMk varchar

afctd_ent_type_int afctd_entitiesWLmG +a:

; /vOB % gkKOY.

q. %LMk varchar

&5e |6gW 121

% 29. C:[ WLm Je (hS)

Je 3m %LM /|

keys_int 0 WLmG +a:; /vOB

% gkKOY.

q. %LMk varchar

event_sevs_int L%. I"5 WLmG +a:

; /vOB % gkKOY.

q. %LMk varchar

comp_types_int 8:dR /| WLmG +a:

; /vOB % gkKOY.

q. %LMk varchar

system_int C:[ WLmG +a:; /v

OB % gkKOY.

q. %LMk varchar

sig_key_id Xg 9ZeG +a: Je&

}:OB % gkGB 0G ;

N D0Z. 0 WLm! kQ

\N 0TOY.

smallint

.&! Xa

Trust Authority |. _! _}OB .&!; XaOAi Y= b; \h& {

#JC@.

1. Trust Authority C:[; _vOJC@.

2. C:[; gN.OJC@.


4. " 8:dRG sB& !KO) " 8:dR! O|w C[Gn G` _Nv

.NOJC@.

5. ?OQ .&!; O82 D, " 8:dRG NW& !KO) @y& #8JC

@.

6. L/Q 8:)& OaQ D!5 .&!L vSGi, vx k%N! .GOJC

@.


VGgW

L %G $8B L9!- &xGB &0 W -q:& 'Q MTOY. Y% *s!

-B L %! p^H &0, -q: GB bIiL &xGv J; v5 V@OY.

vg Xg v*!- gkL !IQ &0 W -q:! kQ $8B IBM 5wk%

!T .GOJC@. IBM &0, ANW% GB -q:& p^_Ym X- Xg IBM

&0, ANW% GB -q:8 gkR v VYB GLB FUOY. IBMG v{ g

jG; 'XOv JB Q bIs ?nQ Y% &0, ANW% GB -q:& kE

gkR v V@OY. W/*, IBMg L\G &0, ANW% GB -q:& gk

R ' W [?; r! W KuOB M: gkZG %STOY.

IBM: L %!- mGGB V&! kX /c& .m VE* vg bx_O v V

@OY. L %; &xOB ML /c! kQ gkG; N)OB M: FUOY. g

kG! |X-B -i; kX F! VRN .GOG v V@OY.

150-010

-o/0C 5nw8 )G5? 25-11, Qxty

Q9 FL.q.% VD8g

v{gjGN

2YL.(DBCS) $8! kQ gkG! |X-B Xg v*G IBM v{gjGN

N .GOE* -i; kX F! VRN .GOJC@.

IBM World Trade Asia Corporation Licensing

2-31 Roppongi 3-chome, Minato-ku

Tokyo 106, Japan

Y= ;k: 59 W Xg v* }T! O!Ov JB 9!!B {kGv J@O

Y. IBM: n0Q >yG mC{ GB OC{ 8u xL L %; :vskN; &

xUOY. )b!B /$ q{zG {U: GB GE !I:, q'X n! kQ O

C{ 8uL wTG* L! 9QGB M: FUOY. ON 9!!-B /$ E!

! Vn- mC{ GB OC{ 8uG wb! ckGv J; v5 V@OY. {s

- L ;kL gkZ!T {kGv J; v5 V@OY.


L %!B bzsG N$.:L* bGsG @y! V; v V@OY. L %G $

8B $b{8N /fGg, /fgW: 3$G! kUKOY. IBM: g| kv x

L p&s5 L %!- 3mOB &0 W ANW%; /fOE* 31R v V@

OY.

L %!- |6Q IBM L\G % gL.B \v mG& 'X &xH MLg X

g % gL.& _5Ob 'Q ML FUOY. Xg % gL.G ZaB ; IBM

&0; 'Q ZaG ON! FOg W/Q % gL.& gkOB M: gkZ ;

NL 1CR .&TOY.

IBM: m4L &xOB $8& m4!T n0Q G+5 N)Ov Jm {}OY

m }"OB fD8N gk GB PhR v V@OY.

(i) 6Z{8N [:H ANW%z(L ANW%; wTO)) b8 ANW% #G $

8 3/, (ii) 3/H $8G s# gk nG q{8N L ANW%! kQ $8&

xOB gkGZB F! VRN .GOCb YxOY.

150-010

-o/0C 5nw8 )G5? 25-11, Qxty

Q9 FL.q.% VD8g

RA.~n gw;N

L/Q $8B gka n; qTX- Xg b# W 6G! {s gkL !IUO

Y.

L %!- 3mOB gkG ANW%z W/Q ANW%; gkR v VB pg

gkG Zai: IBM m4 h`-, IBM 9& ANW% gkG h`- GB L

M ?nQ h`6GO!- IBM! GX &xKOY.

)b! wTH :I ZaB &nH /fO!- x$Gz@OY. W/GN b8 n

5 /f!- r: azM )T Y& v V@OY. ON x$*: 3_ \h C:

[!- r: MO v V8g, L/Q x$*L O]{8N gkR v VB C:[

!-5 0; MLsm 8eR v x@OY. S8 FOs, ON x$!B _$; k

X r: MLGN G& *z Y& v V@OY. L %G gkZB /$ /f! X

gGB Za& .NX_ UOY.


IBM &0 L\G M! |Q $8B Xg &0G &6w< W b#0, W\ gk

!IQ xD R:& kX 8Q MTOY. IBM: IBM &0L FQ Mz |CH

R8gWL* :I W #/: .&! kX-B 8eOv J8g WM 0: &0:

W:.Ov JR@OY. IBM &0L FQ &0G :I! kQ .GB Xg &6

w<N OJC@.

IBMG bD fbL* G5! |Q xmB g| kv xL /fGE* 68I v

V8g LB \v q{L* q%& &COB M! v*v J@OY.

%CH pg IBM &0G !]: IBMG Ge RqZ !]LZ C<Lg g| k

v xL /fI v V@OY. E! !]: YgR v V@OY.

s% W -q: s%

Y=: L9 GB b8 9!! nOH IBMgG s%TOY.

IBM

AIX

AIX/6000

DB2

DB2 Universal Database

RISC System/6000

RS/6000

SecureWay

WebSphere

Trust Authority ANW%(″ANW%″): DB2 Universal DatabaseG )/ NP

; wTUOY. ANW% gkGz T2 ANW%L gk GB }:OB %LMG

ze W |.k8N gkOB fl!8 L 8:dR& 3!O) gkR GQL V

@OY. 9& in 68 GB 8m- }:; 'X Y% @kANW%G %LM#

L:N ;N ,aOB M: gkG! wTGv J@OY. ANW%L 3!HMz ?

OQ bh!- L ANW%z T2 gkOB fl!8 L 8:dR&3!O) g

kR GQL V@OY.

VGgW 125

ANW%: IBM WebSphere Application ServerW IBM HTTP % -v(″IBM

-v″)G )/ NPi; wTUOY. ANW%G gk c!M +|Q IBM -vB

3!OE* gkR v VB GQL x@OY. IBM -vB ANW%z ?OQ b

h! Vn_ Og, ANW%8NNM 63H IBM -vB 3!OE* gkR v V

B GQL x@OY.

Java W pg Java b] s% W NmB L9 W b8 9!! nOH Sun

Microsystems,Inc.G s%TOY.

Microsoft, Windows, Windows NTW Windows NmB L9 W b8 9!!

nOH Microsoft CorporationG s%TOY.

UNIXB X/Open Company Limited& kX 6!{8N gkGL N)GB L9

W b8 9!!-G nOs%TOY.

Pentium: L9z W [G *s!- gkGB IntelgG nOs%TOY.

L ANW%!B RSA Data Security, Inc.NNM &x^: 8H R

A.~n! wTGn V@OY. Copyright © 1994 RSA Data Security, Inc. All

rights reserved.

L ANW%!B Hewlett-Packard CompanyNNM &x^: STL(%X [C..

sLj/.)L wTGn V@OY. Copyright (c) 1994.

v gkZB IBM! qk; vROv Jm L RA.~nM H;-& n2 q{8

Ng gk, 9g, v$, hw GB GER v V@OY. \, 'G z[G $8&

pg 9g;! mCX_ Og, &xOB H;-! 'G z[G $8M L c!

$8& pN mCX_ UOY. Hewlett-Packard CompanyB L RA.~nG

SG q{zG {U:; 8uOv J8g, mC{ GB OC{ 8u xL ″VB

WkN″ &xUOY.

L ANW%!B Silicon Graphics Computer Systems, Inc.NNM &x^: STL(%

X [C.. sLj/.)L wTGn V@OY. Copyright (c) 1996–1999.

v gkZB IBM! qk; vROv Jm L RA.~nM H;-& n2 q{8

Ng gk, 9g, v$, hw GB GER v V@OY. \, 'G z[G $8&


pg 9g;! mCX_ Og, &xOB H;-! 'G z[G $8M L c!

$8& pN mCX_ UOY. Silicon GraphicsB L RA.~nG SG q{

zG {U:; 8uOv J8g, mC{ GB OC{ 8u xL ″VB WkN″

&xUOY.

b8 8g, &0 W -q:m: 8g m/G s% GB -q: s%TOY.

VGgW 127

|C $8

Trust Authority &0 H;-B IBM SecureWay Trust AuthorityH;-

CD-ROM! PDF(L? !I .- |D) W HTML |D8N &xGn V@OY.

HTML v|G nn #`0: &0z T2 3!Gn gkZ NMdL:& kX W

<:R v5 V@OY.

#`0L &[H LD! &0L /fGz; v5 V@OY. VYG &0 $8M g

kZ! 1CQ pn W |D8N #`0! W<:OB f}! kQ Z<Q ;k

: ReadmeDO; |mOJC@. VY v|G ReadmeDO: Y= VR! VB

IBM SecureWay Trust Authority% gL.G Library dLv!- TvR v V

@OY.


Trust Authority sLj/.!B Y=G H;-! wTGn V@OY.

3! W G`

L %!-B &0G 3d& &xUOY. &0 d8gW; *-Om 3! }

w& 3mOg " &0 8:dR! gk !IQ BsN 5r;! W<:

OB f}! kQ $8& &xUOY. L %: NbH |BN &0z T

2 hwKOY.

C:[ |. H;-

L %!B Trust Authority C:[ |.! kQ O]{N $8! wTG

n V@OY. -vG C[ W _v, O# /f, -v 8:dR |., (g

v` W %LM +a: !K G`; 'Q }w! wTGn V@OY.

8: H;-

L %!B 3$ 6}g& gkO) Trust Authority C:[; 8:OB f

}! kQ $8! wTGn V@OY. 6}g& 'Q BsN 5r;; 8

B ?H L H;-G HTML v|! W<:R v V@OY.

nO GQ %:)> H;-

L %!B RA %:)>; gkO) Nu sLA gL, |<! ID N




/iaug.htm

/iaus.htm

/iauc.htm

/iaud.htm

u; |.OB f}! kQ $8! wTGn V@OY. %:)>G BsN

5r;; 8B ?H L H;-G HTML v|! W<:R v V@OY.

gkZ H;-

L %!B Nu 9f W |. f}! kQ $8! wTGn V@OY. N

u d;, ;E W kR& 'Q Trust Authority jslz nO gD; g

kOB }w! &xGn V@OY. GQ PKIX #/ Nu g| nO f}

W Li Nu; |.Ob 'Q Trust Authority ,sLp. gk f}L

mGKOY. ,sLp.G BsN 5r;; 8B ?H L H;-G HTML

v|! W<:R v V@OY.

Trust Authority % gL.G Library dLv!B Trust AuthorityG 3!, |.

W gk! 5rL GB b8 .-! wTGn V@OY. 9& ii, nO AN<

:& gkZ $GOB f}! kQ _! v'5 < v V@OY.


/iauu.htm



kn}

L kn}: ;.! *@B uNn kn* #

wOv J: knM W `n& $GOm gk

Z! |I Vn R kn& $GOm V@OY.

kn W W $GB Y= Za!- _iQ MT

OY.

v IBM Dictionary of Computing, New York:

McGraw-Hill, 1994.

v American National Standard Dictionary for

Information Systems, ANSI X3.172–1990,

American National Standards Institute

(ANSI), 1990.

v The Answers to Frequently Asked

Questions, Version 3.0, California: RSA

Data Security, Inc., 1998.

!

!s 3Nk W.v)(VPN). |-1L FQ NM]; g

kO) x] ,a; 8`OB 3Nk %LM W.v). g

kZiL |- 8g! FQ NM] -q: &xZ(ISP)&

kX |g{ W.v) Zx! W<:Ob '.! 6w<

!- x] W<: qk; sg NP }`R v V@OY.

VPN: GQ %LM 3/G 8H:; bsC5OY. b8

G f-. bzG fl ^Cv ;k: O#-C3 v V

8* R: W VRB O#-C3 v x@OY. VPN b

z!-B gkZ! |< $8 P6(;k W lu); O#

-Om 86-Q MN ,a; .3R v V@OY.

(g NW. Trust Authority!- (g L%.6Y O*

?G 9Ze& zeOB %LM#L:G WLm.

(g -v. (g ,sLp.NNM (g L%.& vE

Om L& (g NW! bOOB Trust Authority -v.

(g -jC:[. Trust Authority!- 8H |C 6!

! kQ Nk; vxOB -jC:[. ]6 -q: jw

; 'Q xk 0 O# [:}!- _%Q %X <. _

X9.57 %XG GegW; XvUOY.

(g _{. m.{ fN |D8N H %LMN-, L%.

x-& ,aOB %LM. (g _{; kX .#hGL*

Xg 0?G bO; _{R v V@OY.

(g ,sLp.. Trust Authority (g -vN (g L

%.& |[OB C:[G SG ,sLp.. (g ,sL

p.B (g -vN L%.& |[Ob |! (g -vM

G ,a; 3$UOY. ,aL 3$H D ,sLp.B (

g -jC:[ ,sLp. sLj/.& gkO) L%.

& (g -v! |^UOY.

3f| %LM#L: ,a:(ODBC). -N Y% %LM

#L: C:[; W<:Ob 'Q %X.

3f| C:[ s#,a(OSI). ISO!- NuQ D;M

W.v7 %X L'.

3Nk 0. R/Z8 gkR v VB xk/3Nk 0 V

G 0. L 0& kX R/Z! 3Nk .#hG; vEO

E* pvP Nu; v`R v V@OY. 3Nk 0N -

mH %LMB Xg xk 0N8 .NL !IUOY. x

k 0M q3OJC@. GQ xk/3Nk 0 V; |mO

JC@.

TL.~L. q#/ W.v) GB @kANW%L -N

kER v V5O OB bI{ \'.


f. p:d. W<: ANd](LDAP). p:d. W<

:! gkGB ANd].

xk 0. Y% gkZ! gkR v V5O X VB x

k/3Nk 0 VG 0. .#hG; 0 R/Z!T v$O

E* pvP Nu; .NR v V5O UOY. xk 0N

O#-H %LMB Xg 3Nk 0N8 X6L !IUO

Y. 3Nk 0M q3OJC@. GQ xk/3Nk 0 V;

|mOJC@.

xk 0 O# [:} %X(PKCS). YgQ D;M w<

G k%Ziz T2 RSA ,8R!- 1991b! 3_Q q

x D { N w < # % X . L % X : RSA O # - ,

Diffie-Hellman y`, O# b] O#-, .eH Nu 8

., O#- ^Cv 8., 3Nk 0 $8 8. W.m N

u 8.; 8fUOY.

v PKCS #1: RSA xk 0 O#- C:[; gkT8

Na %LM& O#-OB f}; 3mUOY. pvP

-m W pvP @u! gkOB ML W q{TOY.

v PKCS #7: O#- ^CvG O] |D; v$UOY.

v PKCS #10: Nu d;G %X 8.; v$UOY.

v PKCS #11: :6. +e nG O#- e!& 'Q b

z 63{ ANW!V NMdL:& $GUOY.

v PKCS #12B gkZG 3Nk 0, Nu, b8 qP $

8 n; zeOE* |[Ob 'Q L? !IQ |D

; v$UOY.

xk 0 ON86(PKI). xk 0 O# [:}; b]8

N OB 8H RA.~nG %X. PKIB pvP Nu, N

u b|, nO GQ, Nu |. -q: W Pj p:d.

-q: C:[TOY. LM: NM] sG .#hG! |

CH " skfG Ex W GQ; .NOB % gkKO

Y. L .#hG!B Ex .NL JdQ 6[L ,|I

v V@OY. 9& in &H- T{Z, |Z lm ^C

v [:Z GB ]6 E!& .NOB fl! V@OY.

PKIB xk O#- 0M /?Q 3NL* 6w<!- N

uOB gkZ Nu; [:O) WM 0: 3.& v`U

OY. pvP Nu, Z] um, pvP -m; .NOb '

X gkGB xk O#- 0M NuL wTH BsN p

:d.& &xUOY.

PKIB xk O#- 0& 'Q .N 68 W d;! k

X ESOm ?2{N @d v\; &xUOY. GQ C

:[! kQ ag{N 8H 'h dR& D0Om 8H '

]; 3.Ob 'Q Zx; /v8vUOY. 6v78N

PKIB _dQ qvO: E!! pvP C# RN -q:

& &xUOY.

xk/3Nk 0 V. xk/3Nk 0 V: 0 V O# [

:}G 3d _ ONTOY(0 |. .&!; XaOb '

X DiffieM Hellman! GX 1976b! R3J). W 3d

! {#i " 3NL 0 V; R/Og O*& xk 0,

Y% O*& 3Nk 0N N(OY. 3Nk 0! qPN

/vGB ]i! " 3NG xk 0B x%KOY. [E

ZM vEZ! qP $8& x/R Jd! x@OY. p

g kE!B xk 08 |CGm 3Nk 0B |[GE*

x/GB OL x@OY. 5;L* xN! kqO) ON

kE $NG 8H; 'X u Ls ON kE $N; E

ZR v V5O 8i Jd! x@OY. /OQ d8gW

: xk 0& EZ(Nu) fD8N(9: EZ p:d.N)

gkZM ,|CQ_ QYB MTOY. xk $8& gk

Oi )8gv qP ^Cv& [ER v V@OY. W/

* 3Nk 0N8 ^Cv& O#-R v V8g W ^C

vB h9H vEZG \6 R/TOY. GQ 0 V O#

[:}: 3Nk8N(O#-) S8 FOs Nu(pvP -

m)!5 gkL !IUOY.

xk TL.~L NMdL:(CGI). % dLvM % -

v #G %X $8 |[ f}.

xk %LM 8H F0X3(CDSA). D;M b] 8H

@kANW%G 8H -q: W 8H |.! kQ w}{

"Y}; $GOb 'X 3_H M. D;M C'{L @k

ANW%; 8Y H|OT 8#R v V5O IntelL 3

_Q MTOY.


xk O#- F0X3(CCA). Vd IBM D;C C'{

!- O# [:}! kQ O|H "Y; !IOT XVB

IBM RA.~n. YgQ ANW!V pnN [:H @k

ANW% RA.~n& vxUOY. @kANW% RA.

~nB DES W RSA O#-& wTO) $|'Q O#

- bI; v`OB CCA -q:& #bR v V@OY.

8P L'(DN). p:d.! zeH %LM WqG m/

L'. DN: p:d. h~ 86!- Q WqG '!& %

CUOY.

8P NZy T"(DER). BER! kQ &`; &xUO

Y. DERB NZy T"L ckOB NZy /| _ \

O*G NZy /|8 1CT8Na [EZG IG pN

& &EUOY.

93 8H b|(NSA). L$NG xD{N 8H \<.

9& kE \<(ITU). $N W 3N \'! |<hG k

E W.v) W -q:& kUOB 9& 6w. kE bz,

T& W %X $8G 15{N x3ZTOY.

9& %X b8(ISO). MN \!- D;M W.v) A

Nd]! L#bnv pg M! kQ %X; 3_ W .

3Ob 'X 8:H 9&{N 6w.

GQN). Zx W<:! kQ c!.

UO Zx '! 3$Z(URL). NM] sG Zx VR

v$; 'Q 3h. URL: ANd], #:. L' GB IP

VR& mCUOY. /$ bhNNM Zx! W<:Ob '

X JdQ w. x#, fN, Zx <NgW5 mCUOY.

bP:. GQL xB skf!TB )3Gv JB /:.

b; NZy T"(BER). ASN.1(_s 8. %b} 1)!

- bzQ %LM NZy \'! kX ISO 8825!- v

$Q T". L T": _s 8.L FQ NZy bz; v

$UOY.

*

;N 86. :06& |mOJC@.

Y

\x lm |[ ANd](SMTP). NM] s!- |Z

lm; |[OB ANd].

ks. v$ GB 1CH %LM R:.

k*{ O# [:}. O#- W X6! 0: 0& gk

OB O# [:}. L 0! 8H:G |GL KOY. 0

! kbGi )8gv ^Cv& X6R v VT KOY.

0! qPN /vGB ?H!8 kEG qPL /vKO

Y. qk*{ O# [:}z q3OJC@.

k*{ 0. O#- W X6! pN gkR v VB 0.

k*{ O# [:}; |mOJC@.

%LM O#- %X(DES). xD %X8N- 1977b L

$N!- $G W BNQ O#- mO O#(cypher). x

!B IBML 3_Q M8N-, x3H LD xP: ,8

z$; ED vgB _ KAvm $|OT gkGm VB

O#- C:[TOY.

DESB k*{ O#- C:[TOY. {s- kE! gk

I fl [EZM vEZ! pN 0: qP 0& ]eC

Km Vn_ UOY. L 0B ^Cv O#- W X6! g

kKOY. GQ O# |D8N Oe p:)! DO; z

eOB nG \O gkZ O#-!5 gkR v V@O

Y. DESB 64q. mO )b& !vg O#- _!B 56

q. 0& gkUOY. x!B Oe~n!- 8vO5O 3

hH MTOY. NISTB xD{N L$N O# %X8N

- 5b6Y gNuL Lgn}OY.

%LM ze5* sLj/.(DL). Nu, CRL, 0, $%

W b8 8H |C @j'.G 58 %LM zeR! W

<:R v V5O OB pb.

kn} 133

5^N. 8H 5^N W nO 5^N; |mOJC@.

nO. Trust Authority!-, NM] s!- gkR Z]

um-& 9fOB AN<:. nO!B NuG d;, ;E

W kR! wTKOY.

nO GQ(RA). nO d;L 3= vEH 'NNM N

uL kRI 'nv 6wG qnO: $%L ]5I v V

5O Ob 'X pvP Nu; |.OB RA.~n.

nO %LM#L:. Nu d; W _`H Nu! kQ $

8& !vm VB M. %LM#L:B nO %LM& z

eOm |< sLA gL,! I# Nu %LMG /fg

W pN& zeUOY. %LM#L:B RA AN<:M b

8 $%; kX, GB RA %:)>; gkOB |.Z!

GX w%L.I v V@OY.

nO 5^N. Zx, $%, W.m /$ Nu nO AN<

:M |CH 8: IGG }U. 5^N L': nO @k

ANW%; G`OB % gkGB URLG O' }UTO

Y.

nO /v. nO S:; |mOJC@.

nO S:. nO gD! wTH nO /v. L *: n

O _! r: $8& ]5UOY. nO S:G *: Z]

um-! /?Q |< C# ?H ?OOT /vKOY.

nO @kANW%. #<< nO(9: jslz, slM, |

Z lm, 8H ,sLp. @kANW% n) W |< s

LA gL, ?HG Nu |.& 'X /v-H v\; &

xOB Trust Authority @kANW% A9Sv).

nO AN<:. Trust Authority!-, gkZM gkZG

xk 0& NuO) .#hG! |)C3 v V5O gk

Z& /?-OB \h. L AN<:B NCL* %; b

]8N R v V8g, gkZ# s#[k; kX Z?-

Om |.R v V@OY.

p:d.. kE(|Z lm GB O#- 3/ n)z |C

H $8& 'Q $* zeRN gkOb 'X mHH h

~{ 86. p:d.B PKI 86! Jv dRN /$ W

q(xk 0, Nu W Nu kR qO n); zeUOY.

p:d. ;G %LMB .. |D8N h~{8N 8:

Gg ..G G 'B g.! XgKOY. 'NB s' 9

' 6w<! 30 9!, $N GB 8g& *8@OY. g

kZ* e!B 8k " ..G .AN %CKOY. .A

! XgOB gkZ, 6w, v*, 9! W e! ""!B

Z<G WqL wTGn V@OY. " Wq: /|-H S

:8N Lgnvg, L S:i: Xg WqL *8;B @

j'.! kQ $8& &xUOY.

p:d.G " Wq: ,|H DN(8P L')z ,aGn

V@OY. LM: G&{8N 8gOB @j'.! m/Q

M8N KAx S:L wTGn VB fl! m/X}O

Y. Y=G 9& DN; ll 8i, 9!(C)B L9, 6w

(O): IBM, 6w \'(OU)B Trust, 8k L'(CN):

CA1N M; < v V@OY.

C=US/O=IBM/OU=Trust/CN=CA1

p:d. -v. Trust Authority! wTH IBM

SecureWayp:d.. L p:d.B LDAP %X; v

xOg DB2& W b]8N gkUOY.

pU. iWsne!- 8:)& 3.OB ANW%. 5r

;L JdQ 6GL _}R fl +6G #bKOY. k

3B C:[L Z?8N G`C0GN gkZ! pU; N

DR JdB x@OY. pU: 58{8N 8gR v5 V

m C:[L O$ #]; Nm g}:R v5 V@OY.

L kn(pU8N _=)B E-!- *B MTOY. vg

B DAEMON(Disk And Execution MONitor)G `n

N X.Gm V@OY.

pvP -m. [EZG Ex; 8uOB .- GB %L

M! _!H Ze- ^Cv.

pvP -m: G& -m8Y u P: 8H 9'; &x

UOY. W L/B pvP -mL O#-H L' GB \

xQ D0 Ze C.n! FOs, -mGB ^CvG O

#-H d`Lb '.TOY. W/GN ^Cv! pvP -


m; T8Na [EZG .GQ Ex; &xUOY. ([E

ZG 08 -m; [:R v V@OY.) GQ -mGB ^

CvG ;k; m$R v5 V@OY(O#-H ^Cv d

`: ^Cv ;kz ]eC O!X_ Og O!Ov J;

fl!B -mL +?-KOY). W/GN pvP -m;

Q ^Cv!- 9gO) Y% ^Cv! {kR vB x8

g LB d` GB XC! O!Ov Jb '.TOY. -

mH ^Cv! kQ /fL On/ fl!B Xg -m G

Q +?-KOY.

pvP -m Km.r(DSA). pvP -m %XG ON

N gkGB xk 0 Km.r. O#-!B L Km.r

; gkR v x8g pvP -m!8 gkR v V@O

Y.

pvP Nu. Nu; |mOJC@.

pvP Nu-. EZR v VB & 3Z! 3NL* #<

<! kX _`Q |Z Z] um-. " Nu-B CA 3

Nk 0& gkO) -mL Lgn}OY. 3N, qvO:,

6w<G Ex; 8uUOY.

CA *R! {s-B NuL NM]s!- |Z qvO:

& v`Ob 'Q RvZG GQ; umUOY. n2 G

L!-B pvP Nu-! n| icuL* Gk 9w u

m-M 0: *R; UOY. {s- L pvP Nu-B

Xg 3Nk 0G RvZ! /$ e-business0?; v`

R v VB GQL V=; umUOY.

Nu-!B NuQ #<<! 3NNv bhNv GB D

;M ANW%Nv! |Q $8! in V@OY. o, X

g #<<! NuH xk 0! V@OY.

6

^Cv d`. SG )bG ^Cv& gkOm m$ fL

G g; bBOB kR! R!IQ bI. MD5B ^Cv

d` Km.rG Q 9TOY.

^Cv Nu Ze(MAC). [EZM vEZ gL! x/

GB qP 0. [EZB L& NuOm vEZB KuU

OY. Trust Authority!- MAC 0B CA W (g 8

:dR& 'Q KeyStores! zeKOY.

pb/:. RSA xk 0 O#- C:[!- N 3G +

Rv(pM q)& vX- }:H v(n). RSA pb/:G V

{ )bB 8H d8! {s ^s}OY. pb/:! ,

vO u 9: 8HL Lgn}OY. RSA ,8R!- G

eOB 0 )bB 0G gk! {s Y(OY. o, 3N

kLi 768q., bwkLi 1024q., CAG 0 Vz 0

: FV _dQ 0! kX-B 2048q.TOY. 768q.

0B VRQ 2004bnvB 8HGB M8N 9sKOY.

+a:. C:[!- GQL xB v$; ]vR fl C

:[L %LMG +a:; 8#UOY(GQL xB )3;

]vOB %LMG bP:; 8#OB MzB ]kN).

+a: !K. \N 8:dRMG .#hG; kX }:H

(g 9Ze& !KOB M.

.- O#- 0(DEK). O]{8N, DES nG k*{

O#-/X6 0.

Y

YL.Ze. JavaDDO/! }:Om JavaNMA.M

! G`OB bh 63 Ze.

_`H Nu qO(ICL). _`H Nuz NuG vg s

B! kQ O|Q qO. Nu: OC x#M sB0N v

N-Gn V@OY. L qO: CA! |.Og CA %L

M#L:! zeGn V@OY.

f-.. W.v)#G $8 e'; &QOB W.v)#

TL.~L. 8k \NG GQL xB gk8NNM ;N

W.v)& 8HOb 'X gkKOY.

8H 5^N. ?OQ CA! GX NuH Nu-& R/

Q Wl(8g, [w WlL* @, 30 GB $N \<).

kn} 135

CA! -mQ Nu-& R/Q gkZi: 0: CA! -

mQ Nu-& .m VB Y% gkZG Ex; EZR v

V@OY.

8H RO h~(SSL). V> gkZ!T VkQG um

:; &xOB ;e 8H -q:& !x IETF %X k

E ANd]. pvPN 8HGB kE $N; &xUOY.

SSL gk !I -vB Ws %X HTTP d;L FQ Y

% w.!- SSL ,a d;; BNUOY. SSL: N p

) #G kE; 3$Ob 'Q E# 3/L \ Q x _

}X_ R ' <G; [:UOY. W Y=!B kEL O

#-KOY. ^Cv +a: !K: SSL <GL 8bGb

nv G`KOY.

8H |Z .#hG(SET). EZR v xB W.v) s

!- 8HH Ek+e* v] +e vR; KxOB jw

%X. L %X: NuG _`; d;Ob '.! +e R

vZ, sN, +e _^ :`G Nu; kUC5OY.

NN. 9& in gkZ! [EQ /$ ^Cv* &bQ

/$ d;; NNOB Mz 0L |L FQ M8N EN

OB M.

NN @b. .-G -mZ! .-! -mQ M; W8v

J: M8N ENOv J5O pvP 3Nk 0& gkO

B M.

jslz. % jslz& |mOJC@.

jslz Nu. pvP Nu: ,sLp.x NuLsm

5 UOY. L Nu: SSL gk !IQ % -v& kX

CA! _ÙOY. O#-H DOG 0& kX Nu 8/

ZB %LM& O#-Om X6Om -mR v V@OY.

O]{8NB % jslz! L 0i; zeUOY. ON

@kANW%!-B :6. +e* Y% E<! 0& z

eO5O ckOm V@OY. pvP Nu; |mOJC@.

qk*{ O# [:}. O#- W X6; 'X -N Y

% qk*{ 0& gkOB O# [:}. " gkZB Q

VG 0& ^T Gg, L _!- xk 0B pg gkZ

! W<:R v V8g 3Nk 0B gkZ ZE!T8

KA}OY. 8H .#hG: xk 0M L! k@OB 3

Nk 0! O!O) .#hGG X6L !IQ fl!8

Lgn}OY. LM; 0 V O# [:}Lsm5 UOY.

k*{ O# [:}z q3OJC@.

q?b kE. [EZM vEZ! ?C! 8gOv JF

5 GB kE pe.

qP:. GQL xB %LM )3NNMG 8#.

qP: 8# -- Ô(PEM). NM] qP: 8# -

- Ô %X8N-, NM] s!- H|Q |Z lm;

&xOb 'X IAB(Internet Architect Board)! $CQ

%X. PEM ANd]: O#-, Nu, ^Cv +a:, 0

|.& &xUOY.

qnO: AN<: @j'.. /$ nO [w; vÒ

B % gkGB Ze <.(9: nO d; sB !K GB

xk 0 vE )N Ku).

qnO: AN<: [C... v$H x-N G`GB q

nO: AN<: @j'.G p=.

g

gkZ Nu. ^CvG x! [:Z& D0Om ^Cv

R/Z& $g-OB /?: Ku AN<:. GQ bkQ

V> gkZ* C:[z kE _Nv5 .NUOY.

gL. Nu. CA Nuz /gOv8 /$ % gL.!

kX-8 /?Q Nu. CA Nu; |mOJC@.

g|nO. Trust Authority!- Q gkZ(k3B |.

Z)! Y% gkZ& nOR v V5O OB AN<:. d

;L BNGi RAB Xg gkZ! LD Trust Authority

,sLp. @kANW%; gkO) Nu; 9fR v V

5O OB $8& &xUOY.


s# Nu. 3Nk -m 0M ,|H xk 0! in V

B Nu; Q CA! Y% CA!T _ÒB EZ p(.

O]{8N s# 8uH Nu; gkOi O*G |. c

g 5^N! wTH ,sLp. C:[L* #e #<<

! Y% 5^N! wTH ,sLp. C:[L* #e #

<<M H|OT kER v V@OY.

-m. -m; }:Ob 'X 3Nk 0! gkOB M.

-m _N ^Cv& gkZ! %Svm BNT; TuO

B v\8N- gkKOY.

-m/Ku. -mQYB M: -m; }:Ob 'X 3N

k pvP 0& gkOB MTOY. KuQYB M: -

m; KuOb 'X k@OB xk 0& gkOB MTO

Y.

-v. (1) W.v)!- DO -v nG Y% :WLG

8N bI; &xOB %LM :WLG. (2) TCP/IP!-

,sLp./-vN N#B Y% gL.! VB C:[G

d;; 3.OB W.v) ;G C:[.

-v Nu. % -v! SSLk .#hG; 3.R v V

5O CA! _`Q pvP Nu. SSL ANd]; gkO

) jslz! -v! ,aGi -v! jslzN W x

k 0& [EUOY. L/Q z$; kX -vG Ex;

NuR v V@OY. O#-H $8& -v! 8> v5

V@OY. CA Nu, pvP Nu W jslz Nu; |

mOJC@.

-m4. Javagk !I -v! _! bI; &xOB -

vx ANW%.

:6. +e. gkZG pvP 0& zeOb 'X gk

GB 8k Ek+e )bG Oe~nG O>. :6. +

e!B O# 8HL !IUOY.

:06. p:d.M |CH M8N-, -N Y% @j'

. /|#G |h& $GOB ;N 86.

EZ 5^N. ?OQ CA! GX NuH Nu-& R/

OB #<<iG }U.

EZ p(. Nu GQL Y% Nu GQ; umOB f

}; &nOB 86{N T".

EZ D;M b](TCB). 6wG D;M 8H $%; }

U{8N GÒB RA.~n W Oe~n dR. 8H $

% Gv! 5b; L!B dR GB dR NP: 8Hz

|CH M8N- TCBG ONTOY. TCBB 8H fh

N &QGB @j'.TOY. 8H $%; GÒB ^?

Or: s4 xLO|X_ Og, GQL xB C:[ /

G! kQ W<: GQ; rv xO5O X_ UOY.

F

O# [:}. D;M 8H! Vn- O] X:.G O#

- W O#- X:.G X6; 'Q x", GL, f} n.

O# X6(decrypt). O#- AN<:& G`kROB M.

O#-. (1) {gQ X6 Ze& !x gw8L X6;

kX x! $8& r; v V5O $8& Z/B M. (2)

W GL& {bb 'Q %LM //z |CH M.

O#-/X6. 9$H vEZG xk 0& gkO) W g

w; 'X %LM& O#-Q D %LM X6! xk 0

M V; LgB 3Nk 0& gkOB M.

VC4. JavapnN bOGm Java#/ % jslz!

- G`GB D;M ANW%. JavaVC4Lsm5 UO

Y.

W<: &n qO(ACL). /$ ZxG gk; GQL V

B gkZ!TN &QOb 'Q ^?Or.

":.s]. /gQ bz; gkOB NM]G D}0. 9

: 8giL m4, D.J, ;N :G n )/ }\! k

X % x3, |ZsE!, ^Cv |[, Wl~n& {kO

m V@OY.

kn} 137

#e #<<. CA! FQ NuG V<.

@j'.. 4< vb 3h* ANW!V! Vn- _s

86- %LM W W %LMM ,|H 6[. ,!:& |

mOJC@.

@j'. D0Z(OID). ASN.1(_s 8. %b} 1)!

- $GQ /|8N- |. q{8N v$H %LM *.

@j'. /|. p:d.! zeC3 v VB @j'.

>y. 9& in N-, 8GG, e!, 3N, ANW% GB

AN<: n.

d; ID. RA! kQ Nu d;; m/OT D0OB

24-323G .ZN H ASCII *. L *: Nu d; .

#hG! gkGn d;G sB GB WM |CH Nu;

KvR v V@OY.

ye MLe %(WWW). OL[Lpn %LM& !x D

;M#! W.v) ,aL .3H NM] NP. L %L

MiL $8& &xOg WWW W NM]G Y% %L

M! kQ 5)& &xR v V@OY. WWW Zx: %

jslz ANW%; kX W<:KOY.

% jslz. %:)> PC!- G`Gn gkZ! ye

MLe % GB NC HTML dLv& #F< v V5O

XVB ,sLp. RA.~n. %z NM]!- gkL

!IQ + OL[Lpn %LM }U! kQ xkG W<

:& &xOB Kv 58TOY. n2 jslzB X:.

M W!H; pN %CR v VB ]i, n2 jslzB

X:.8 %CR v V@OY. kNPG jslz! FTP

.#hGz 0: Vd NM] kE |D; 3.UOY.

% -v. jslz ANW%8NNMG $8 Zx d;

! @dOB -v ANW%. -v& |mOJC@.

/OZe. ISO 10646!- $GQ 16q. .Z <.. /

OZe .Z NZy %X: $8 3.! gkGB 9& .

Z ZeTOY. /OZe %X: |<hG _dQ :)3

.& wTOg, RA.~nG 9&- W v*-& 'Q b

J& &xUOY. Java ANW!V /fG pg R: Z

eB /OZeN bOKOY.

/|. @j'. /|; |mOJC@.

N:O:. DB2! Vn- N:O:B %LM& zeOm

@kANW%; v`Ob 'Q m.{ %LM#L: |.

/fTOY. 8: E3/vG xk <.& )/ %LM#

L:! kX $GR v V5O ckUOY.

Nu. (1) 3N, qnO:, 6w<G Ex; 8uUOY.

(2) kE _N skfG Ex; G0OB AN<:.

Nu b|(CA). 6wG 8H $%; XvOm Nu |

DG 8H |Z EP; v$R %SL VB RA.~n.

CAB RANNMG Nu _`, ;E W kR d;; 3

.UOY. CAB RAM s#[kO) Nu W CRL; p

:d.! x%UOY. pvP Nu; |mOJC@.

Nu $%. xk 8H d8gW; !vB /$ ,!:G

@kANW%! kQ NuG {k !I:; v$OB T

"; mCQ }U. 9& in Nu $%: /$ Nu /

|; kX gkZ! Vnx !] |' H!- s0! k

Q .#hG; v`O5O ckR MNv )N& v$R

v V@OY.

Nu kR qO(CRL). Nu b|L kRQ NuG qO

8N- pvP -m W C# RNL {kH qO. L q

OG Nui: ck R!N #VKOY. pvP Nu; |

mOJC@.

Nu ANDO. xOB Nu /|; $GOB /!iG

}U(9: SSL Nu GB IPSec Nu). L ANDO: N

u gg W nO; |.OB % 5rL KOY. _`ZB

ANDOG L'; /fOm xOB NuG /!(9: /?

b#, 0 k5, DN &` n); v$R v V@OY.

Nu .e. Nu! _! Je& wTC3 v V5O O

B X.509v3 Nu |DG 1C{ bI. %X .e W g

kZ $G .eL V@OY. %X .e: 0 W $% $


8& wTQ YgQ q{, V< W _`Z S:, Nu f

N &` n; 'Q MTOY.

NM]. D;M#! |Z{ ,a; &xOB |<h{N

W.v) }U. NM]: D;MiL |Z lm GB %

jslz nG RA.~n e!& kX -N kER v V

5O X ]OY. O*G W.v)! VB nn kPiL

NM]; 8:O) /gQ Y% W.v)M wJN ,a

OB ML W Q 9TOY.

N.s]. 8k f-. Z! sVOB bw ;G W.v

). NM]G D}0N- WM /gQ bz; gkUOY.

bz{8N N.s]: NM]; `# .eQ M! Rz

UOY. HTML W HTTPB L _!- 8m-H MTO

Y.

O] X:.(plaintext). O#-Gv J: %LM.

cleartextG ?Gn.

Z

Z] um-. Nu 3/C 3NG Ex; .NOb 'X

gkGB bP $8. W.v) D;C /f! Vn- Z

] um-G !e O]{N /|: CA! [: W -m

Q NuTOY.

Z9n vx(NLS). pn, k-, /% W C# |D, }

Z %b& wTO) v*0 /:! {% wL!; &0 ;

!- vxOB M.

|[ &n ANd]/NM] ANd](TCP/IP). LAN W

WAN; 'X kn(peer-to-peer),a: bI; vxOB

kE ANd] <..

$% "C.. nO @kANW%!-, @kANW%L #

bOB 6w $G ANW%. $% "C.! v$H T"

: 6wG qnO: W 8H 1#gW; nO AN<:!

{kUOY.

6! w:d.. Z] um-G sLA gL,!- `{H

L%.G p=.

w

<N /?: .N. Nu; _`Q EZ h~ ;G pg

CA BNG /?: .N. 9& in Q CA! Y% CA

& kX -m Nu; _`Q fl, N -m: pN gk

Z! &COB NuG /?: Ku z$; kX /?-K

OY.

Vm CA. PKI CA h~G G '! VB CA.

_s 8. %b} 1(ASN.1). $8 %LMG 8.; $

GOB % gkGB ITU %b}. )/ !v #\Q %L

M /|; $GOm WM 0: /|G D0 W * v$;

'Q %b}; v$Q MTOY. L %b}: |[C $

8 O#- fDG &Q xL $8G _s{ 8.; $G

X_ R '6Y {kC3 v V@OY.

+

Ze -m. G` ANW%; pvP -m8N -mOb '

Q bz. Ze -m: NM]; kX PjH RA.~n

G EZ5& tLb 'X 3hH MTOY.

,sLp.. (1) -vNNM x/ -q:& vEOB b

I{ \'. (2) Y% D;M* ANW%G -q:& d;

OB D;M* ANW%.

,sLp./-v. Q gL.G ANW%!- Y% gL.

G ANW%8N d;; [EOm @d; bY.B Pj

3.G Q p(. d;OB ANW%; ,sLp., @dO

B ANW%; -vN N(OY.

,!:. 4< vb 3h GB ANW!V!- xk $G

& x/O) xk /:, 6[, [w /:; x/OB @

j'. Wl.

kn} 139

0. $8G O#- W X6; 'X O# [:}! gk

GB g.

0 V. qk*{ O# [:}! gkGB k@ 0. Q 0

B O#-! gkGm Y% 0B X6! gkKOY.

8

MN. VPN bz! Vn- NM]; kX LgnvB d

8 C! !s v!# ,a. ,aH ?H!B x] gkZ

! MN; gkO) bw<G 3Nk W.v)G -vM

8H W O#-H 86- $8& 3/R v V@OY.

.#hG ID. g|nO nO d;! kQ @d8N RA

! &xOB D0Z. Trust Authority ,sLp. @kA

NW%; G`OB gkZ! g| BNH Nu; 9fR

v V5O UOY.

D

DO |[ ANd](FTP). D;M#G DO |[; '

X gkOB NM] ,sLp./-v ANd].

%X |k 6)w pn(SGML). 6)w pn& bzO

B %X. HTML: SGML; b]8N UOY.

ANd]. D;M# kE; 'X y$H T`.

AOC -v. W<:& d;OB D;M(D;M A)M W

<:GB D;M(D;M B) gLG _3Z. W/GN V>

gkZ! A D;MNNM Zx; d;Oi L d;L A

OC -vN v$KOY. AOC -v!-B d;; [:

O) B D;MNNM @d; ^: Y= W @d; V>

gkZ!T L[UOY. AOC -vB f-. ;NNNM

ye MLe % Zx! W<:R ' /kUOY.

O

OL[X:.. gkZ! .-G %C W Kv; 'X 6

l:N )& v VB \n, 8, W!HL wTH X:..

LM 0: \n, 8 GB W!H; OL[5)sm Og

OL[5)& KvOB M; 5)QYm UOY.

OL[X:. 6)w pn(HTML). % dLvG Zy;

'Q 6)w pn. LM: SGML! bJOm V@OY.

OL[X:. .#hG ANd](HTTP). % s!- O

L[X:. DO; |[Ob 'Q NM] ,sLp./-v

ANd].

}Z

3_ DES. O] X:.& < x O#-C0B k*{ K

m.r. L& 'Q 9: f}iL VbB Ov8, !e H

|Q Y_ O#- |D: < 3G -N Y% 0& gk

OB 3_ DESTOY.

4758 PCI O#- ZAN<-. m:IG DES W RSA

O#- 3.& &xOB ANW!VL !IQ /6 ]@

bIG O#- PCI v: +e. O#- AN<:B +e

s! ;eH 8H e!!- v`KOY. +eB FIPS

PUB 140-1 9' 4 %XG v]Q d8gW; XvUO

Y. RA.~nB ;eH 8H e!!- G`KOY. Ek

+e E!B SET %X; gkOB Q 9TOY.

64x NZy. MIME; gkQ 2x %LM& //Ob

'Q O]{N f}.

A

ACL. W<: &n qO.

ANSI. L9 %X ,8R.

ANSI(American National Standards Institute). N

!H 6w<!- [:Q ANC`n& .3Om L9; S

GG jw %X; /v8vOB \<. }jZ, RqZ, O

]{N LM }\8N Lgn}OY.

ASCII. $8 3/; 'Q L9 %X Ze.


ASCII(American National Standard Code for

Information Interchange). %LM 3. C:[, %L

M kE C:[ W |C eq #G $8 3/! gkG

B %X Ze. ASCII <.B 7q. Ze- .Z(P.<

<)k q.& wTO) 8q.)N Lgnx Ze- .Z

<.& gkOg, .Z <.B &n .Z W W!H .Z

N Lgn}OY.

ASN.1. _s 8. %b} 1.

B

BER. b; NZy T".

C

CA. Nu b|.

CA h~. Trust Authority!-, O*G CA! G ' 8

6! '!Om Vm W 3G >S CA ~L W F!! '

!OB EZ 86. CA& kX nOH gkZ* -vB X

g CA! -mQ Nu; ^T Gg s' vXG Nu h

~; hBUOY.

CA -v. Trust Authority CA(Nu b|) 8:dR&

'Q -v.

CA Nu. gkZG d;C, gk _N % jslz! N

DOv xOB CA!- BNQ Nu. W Y=!B jsl

z! L Nu; gkO) Xg CA! _`Q Nu; 8

/OB -vMG kE; NuUOY.

CAST-64. 64q. mO )bM 6q. 0& gkOB m

O O#(cipher) Km.r. LM: Carlisle AdamsM

Stafford Tavares! GX 3hGz@OY.

CCA. IBM xk O#- F0X3.

CDSA. xk %LM 8H F0X3.

CGI. xk TL.~L NMdL:.

cleartext. O#-Gv J: %LM. O] X:.

(plaintext)G ?Gn.

CRL. Nu kR qO.

CRL _` #]. CA 8: DOG 3$*8N- CRL

; p:d.! x%OB Vb gLG #] C#.

D

DEK. .- O#- 0.

DER. 8P NZy T".

DES. %LM O#- %X.

Diffie-Hellman. _m!(DiffieM Hellman)G L'!-

/!Q L'8N, 8HGv JB E<! kX x/ 0&

.3OB f}.

DL. %LM ze5* sLj/..

DN. 8P L'.

DSA. pvP -m Km.r.

E

e-business. W.v) W D;M& kQ qnO: .#

hG. 00 W -q:G 8T W GE! wTKOY. G

Q pvP kE; kQ Z]G L?L wTKOY.

e-commerce. qnO: # .#hG. NM] s!-G 0

0 W -q:G 8T W GE(-q:, x^Z, GEwZ n

; kQ)! wTKOY. e-businessG b;{N dRTO

Y.

F

FTP. DO |[ ANd].

kn} 141

H

HTML. OL[X:. 6)w pn.

HTTP. OL[X:. .#hG ANd].

HTTP -v. jslz W W.v)G Y% ANW%z

T2 % b] kE; 3.OB -v.

I

ICL. _`H Nu qO.

IETF (Internet Engineering Task Force). NM]k

ANd]G h9 W 3_; _!{8N 3.OB Wl. W

.v) 3hZ, n5Z, }jw<, ,8xG 9&{N }

\; k%UOY. IETFB NM] F0X3G 3_ W N

M]G x0Q gk n; VN YlOY.

IniEditor. Trust Authority!- 8: DO; m}OB

% gkOB 58.

IPSec. IETF!- 3_Q NM] ANd] 8H %X.

IPSecB W.v) h~ ANd]N-, Nu, +a:, W<

: &n W bP:G aU; /?{8N vxOB O#-

8H -q:& &xOb 'X mHH MTOY. -Q N

u bI8N NX L %X: 9: VPN &0 GEwZi

L NM] s!- H|Q v!# ,a; 8`Ob 'Q A

Nd]N- $COm V@OY.

ISO. 9& %X b8.

ITU. 9& kE \<.

J

Java. Sun Microsystemsg!- 3_Q W.v)& N

DOB, C'{ xk D;M bz <.TOY. Java /f

: Java OS,YgQ C'{G !s bh, 4< vb Java

ANW!V pn, )/ ,!:G sLj/.N 8:KOY.

Java !s bh(JVM). YL.ZeG X.; cgOB

Java 18S /fG ON.

Java VC4. VC4; |mOJC@. Java @kANW

%z q3OJC@.

Java pn. VC4z !L|. @kANW%k8N /0

w 3hH Sun Microsystemsg!- 3_Q ANW!V

pn.

Java @kANW%. Java pnN bOH 63{ ANW

%. % jslzG \X:. \N!- G`KOY.

Java ,!:. Java ANW% Ze \'.

K

KeyStore. Trust Authority 8:dR Z] um-(9;

O#-H |DG 0 W Nu)& zeOb 'Q DL.

L

LDAP. f. p:d. W<: ANd].

M

MAC. ^Cv Nu Ze.

MD2. 128q.G ^Cv d` XC Tv(Ron Rivest!

mH). PEM ANd]!- MD5M T2 gkKOY.

MD4. 128q.G ^Cv d` XC Tv(Ron Rivest!

mH). LM: MD28Y n h* u |(OY.

MD5. \fb ^Cv d` XC Tv(Ron Rivest! m

H). MD4! bsH v|TOY. MD5B 512q. mO

G TB X:.& 163G 32q. -jmO8N */OY.

L Km.rG bB: 32q. mO <.N- \O 128q

. XC *; 8:O5O ,aC2 MTOY. GQ PEM

ANd]!- MD2M T2 gkKOY.


MIME(Multipurpose Internet Mail Extensions). -

N Y% .Z <. pnN H X:.G s# 3/; c

kOB Z/ST gkR v VB :e <.. GQ NM]

lm %X; gkOB 9: vG -N Y% D;M C:

[ #!- V<Lpn |Z lm; ckUOY. 9& i

n |Z lm ^Cv! US-ASCII, 3NQ X:., LL

v, gne& wTC3 v V@OY.

N

NIST. zE NBS(93 %X g+R)N KAx 93 %

X W bz y8. D;M b] jw! Vn- 3f %X

z s#nk:; uxC0B \<TOY.

NLS. Z9n vx.

nonce. gkZ Nu; d;OB -v* @kANW%8

NNM [EGB .Z-. Nu; d;^: gkZ! 3N

k 0& gkO) nonce! -mUOY. gkZG xk 0

M -mH nonce! Nu; d;Q -v* @kANW%

! YC [EKOY. W.m *i -v! gkZG xk

0N -mH nonce& X6OA C5UOY. X6Q nonce

! [EH x! nonceM 08i gkZ! NuKOY.

NSA. 93 8H b|.

O

ODBC. 3f| %LM#L: ,a:.

OSI. 3f| C:[ s#,a.

P

PC +e. :6. +eM /gOg PCMCIA +esm

5 UOY. L +eB :6. +e8Y 6] )m, 8k

u 9: k.; !}OY.

PEM. qP: 8# -- ^O

PKCS. xk 0 O# [:} %X.

PKCS #1. xk 0 O# [:} %X; |mOJC@.

PKCS #10. xk 0 O# [:} %X; |mOJC@.

PKCS #11. xk 0 O# [:} %X; |mOJC@.

PKCS #12. xk 0 O# [:} %X; |mOJC@.

PKCS #7. xk 0 O# [:} %X; |mOJC@.

PKI. xk 0 ON86.

PKIX. X.509v3 b] PKI.

PKIX CMP. PKIX Nu |. ANd].

PKIX Nu |. ANd](CMP). PKIX Xv @kA

NW%zG ,a; !IOT OB ANd]. PKIX

CMP! TCP/IP& Ow |[ ^?Or8N gkOB Q,

RO '!B _s- h~L 8gUOY. LM: _! z

5 |[! kQ vx; !IOT UOY.

PKIX ;kZ. /$ nO 5^NL Trust Authority ,

sLp. @kANW%8NNMG d;; ;kOB% gk

OB xk HTTP -v.

R

RA. nO GQ.

RA |.Z. RA %:)>! W<:O) Nu W Nu

! kQ d;; |.R GQ; N)^: gkZ.

RA %:)>. Z] um- d;; 3.Om Z] um

-! /?Q |< b#! ID L& |.Ob 'Q W!

H NMdL:& RA! &xOB Java VC4.

RA -v. Trust Authority nO GQ 8:dR& 'Q

-v.

kn} 143

RC2. RSA %LM 8H; 'X Ron Rivest! 3hQ

!/ 0 )b mO O#. RCB Ron’s CodeGB Rivest’s

Cipher& *8@OY. DES8Y |#m DESG pTD k

<N- 3hH MTOY. {gQ 0 )b& gkT8Na

DES8Y u H|OE* Rp 0 =v! kX-B z H

|OT 8i v V@OY. 64q.G mO )b& !vg

RA.~n! Vn- DES8Y ` 2-3 h u |(OY.

RC2B DESM 0: peN gkL !IUOY.

RA.~n _%Z y8(SPA)M L$N#G y`!-

RC2 /v sB& &xUOY. LM: ]b BN AN<

:& O]{N O# v$} ]b AN<: 8Y u #\

Om |#T 8in ]OY. W/* |% ]b BNL {

UO5O 8ib 'X-B &0!- RC2 0 )b& 40

q.N ]eC &QCQ_(ON 9\B V8*) UOY. O

#-H + #b WLm; L. hjOAm C5OB 'T

Z& 7b 'X-B _!{N .Z-; gkR v V@O

Y.

RSA. _mZG L'(Rivest, Shamir, Adelman); }

xk 0 O#- Km.r. O#- W pvP -m! gk

KOY.

S

SET. 8H |Z .#hG

SGML. %X |k 6)w pn.

SHA-1(8H XC Km.r). pvP Nu %Xz gk

Ob 'X NIST W NSA!- 3hQ Km.r. L %X

: 8H XC %XLm SHAB %X! gkGB Km.

rTOY. SHAB 160q. XC& }:UOY.

SMTP. \x lm |[ ANd].

SSL. 8H RO h~.

S/MIME. NM]; kX |[GB |Z lmG -m W

O#-& vxOB %X. MIME; |mOJC@.

T

TCP/IP. |[ &n ANd]/NM] ANd].

TP. EZ $%.

Trust Authority. pvP NuG _`, ;E W kR&

vxOB kU IBM SecureWay8H VgG. L Nu:

$|Q NM] @kANW%! gkI v V8g, gkZ

& NuOm EZVB kE; 8eOb 'Q v\; &x

UOY.

U

URL. UO Zx '! 3$Z.

UTF-8. // |D. L |D: 8q. .Z <.8 3.

OB $8 3. C:[L 16q. /OZe& k@OB 8

q.N //Om $8G UG xL L& YC G91 v

V5O UOY.

V

VPN. !s 3Nk W.v).

W

WebSphere Application Server. gkZ! m:I %

gL.& 3_Om |.R v V5O 5MVB IBM &

0. \xQ % x3!- m^ e-business@kANW%!

L # B z $ ; k L O T X ] O Y . WebSphere

Application ServerB % -v W b] n5 <& pN

M 63H Javab] -m4 #x8N Lgn. V@OY.

X

X.500. D;M C:[; s#,aT8Na Yq{ Pj

W 9& p:d. -q:& gkOb 'Q %X. L|!


B CCITTN KA. Vx 9& kE \<(ITU)M %X

- 9& b8 W 9& |b -P y8(ISO/IEC)!- T

2 $GQ MTOY.

X.509 v| 3 Nu. X.509v3: Nu @kANW% $

8G ze W Kv, Nu Pj $8, Nu kR $8, $

% $8, pvP -m; 'Q $|'Q %LM 86& !

vm V@OY.

X.509v3 AN<:B pg Nu! Vn- C# RN; g

kOB CRL; [:UOY . NuL gkI '6Y

X.509v3 bI: @kANW%L Xg NuG /?:; !

KR v V5O UOY. GQ @kANW%L Xg CRL

! NuL VBv )N& G0R v V5O UOY.

X.509v3 CRL: v$H /? b#! kX [:R v V

@OY. Nu; +?-R v5 VB Y% /f; b]8

N R v5 V@OY. 9& in Q wxL 6w; 0*

B fl Xg Nu: CRL! uLT KOY.

X.509 Nu. N. ^Fi)vm VB Nu %X8N-,

8H |. W 8H NM] W.v) s!-G pvP -

m NuG Ph& vxOb 'X mHH %X. X.509 N

u: EZR v VB & 3Z! pvPN -mQ xk 0

G Ph& 'Q ANC`n& vkOB %LM 86& $

GUOY.

kn} 145

vN

[!]

(g

%LM#L: %LM 116

9Ze, =v 42

NW 48

6:) 44

YNy gLG #] /f 46

YNy C5 /f 45

8m-, }: 51

L%. Je 113

w. /f 42, 43

#:. L' /f 42

(g |.Z O# 6

(g |.Z 6! L%. 74

(g NW WLm 120

(g -jC:[

(g NW 3$ /f 48

(g 6:) /f 44

(g +a: !K /?.< 111

(g 88 W -m /?.< 110

|. 39

%LM#L: 8b 40

9Ze, $8 74

NW 46, 56

NW DO, 88 51

NW DO, -m 51

sB 54

-v 8: DO 100

1C{ L%. 75

@y NW 3$ /f 50

'S L%. 75

L%. NW 3$ /f 46

L%. 6:) 74

L%., $8 74

$8 73

(g -jC:[ (hS)

_{ NW 3$ /f 49

,sLp. 8: DO 105

w. /f 44

#:. L' /f 43

(g L%. 113

(g |.Z 6! 74

6:) 74

8H (v 74

1C{ 75

'S 75

Nu |. 74

0 |. 74

RA 74

3Nk 0 gk b# .e 65

3Nk .e 67

h~ 25

h~, CA 64

xk .e 67

|.

(g -jC:[ 39

p:d. -v 60

4758 O#- ZAN<- 62

CA -v 18

DB2 UDB 56

HTTP Server 16

RA -v 30

Trust Authority 5

WebSphere Application Server 14

|.Z, RA _! 31

|.Z, 9x0 RA _! 31

8P L'(DN) 69

8: DO 10, 81

(g -v 100

(g ,sLp. 105

8: DO 10, 81 (hS)

v$ 9

AuditClient.ini 105

AuditServer.ini 100

CA -v 82

jonahca.ini 82

jonahra.ini 91

RA -v 91

8: DO v$ 9

8:dR /| WLm 119

8:dR, Trust Authority

(g -v 39

-v C[ 7

-v _v 7

4758 O#- ZAN<- 62

CA -v 18

IBM HTTP Server 16

IBM SecureWayp:d. 60

RA -v 30


GQ $8 W<: .e 65

GQ 0 D0Z .e 65

UO Zx D0Z(URI) 24

bP: 70

b; &WgW .e 65

[Y]%LM#L: %LM, (g 116

%LM, (g %LM#L: 116

5^N, nO 71

nO 5^N 71

p:d. 60

p:d. |.Z O# 6

p:d. -v

|. 60


p:d. -v (hS)

NW 62

sB 60

-v 38

! kQ RA 3$ /f 38

$8 77

Wq 25, 28

pvP Nu 1, 69

[s]NW

(g 46, 48

(g -v 56

(g -jC:[ 51

p:d. -v 62

@y 50

L%. 46

_{ 49

CA -v 28

DB2 60

HTTP Server 18

RA -v 36


[6]6:), (g 44

^Cv Nu Ze(MAC) 64

^Cv, PKIX 63

mI` /?.<

(g +a: !K 52

(g 88 W -m 51

CA Nu 22, 25

+a: 70

+a: @N 75

+a: !K 52, 75

.&! Xa 122

[Y]YNy 45, 46

_`H Nu qO(ICL) 70

_`Z 3< L' .e 65

iw 13

AIX 13

Trust Authority %LM#L: 13

Windows NT 13

0m v$, IP 77

8m-, (g 51

8b, (g %LM#L: 40

8H (v L%. 74

8H, Trust Authority 63

9x 13

AIX 13

Trust Authority %LM#L: 13

Windows NT 13

[g]sB

(g -v 54

p:d. -v 60

CA -v 29

DB2 %LM#L: 57

HTTP Server 16

RA -v 36


s# Nu 22, 64, 68

-m 70

-m /?: 70

-v

(g 39

8:dR C[ 7

8:dR _v 7

p:d. 38, 77

% 76

CA -v 18

HTTP 16, 77

RA 30

WebSphere Application 14, 76

-v 8:dR C[ 7

R: WLm 118

vm, CRL 21

:6. +e 73

BNH #<< WLm 118

BNH *R WLm 119

C:[ WLm 121

EZ VB kE 1

[F]O#

(g |.Z 6

p:d. |.Z 6

/f 5

&n ANW% 5

4758 CA ANDO 5

O# /f /?.< 5

O#- #x 63

O#- ZAN<-, 4758 71

O#- 0 70

W<: &n qO(ACL) 63, 64

5b^B #<< /| WLm 119

@y NW 50

@j'. D0Z(OID) 78

% -v 76

/?.<

(g +a: !K 52

(g +a: !K /?.< 111

(g 88 W -m 51, 110

/?.<, O# /f 5

CA Nu 22, 25, 107, 109

IniEditor 9

RA gkZ _! 32

Trust Authority &n 7

/?:, -m 70

L' &QgW .e 65

L%. NW 46

L%. I"5 WLm 117

L%. &n WLm 117

L%., (g 43, 113

Nu 1, 69

;E 1


Nu 1, 69 (hS)

_` 1

Nu kR qO(CRL) 1

kR 1

kR qO(CRL) 68

.e 64

Nu |. L%. 74

Nu b|(CA) 63

Nu $% .e 65

Nu, pvP 1, 69

[Z][: #], CRL 20

gC5 43

gC5 #] 35

|Z lm VR 24, 27

$% JN .e 65

$% &QgW .e 65

&n ANW% O# 5

V< 3< L' .e 65

V< p:d. S: .e 65

V< 0 D0Z .e 65

[w]9x0 RA |.Z _! 31

;kZ w. 34

_{ NW 49

kR qO(CRL), Nu 1

[+]0

O#- 70

MAC 70

0 |. L%. 74

0 gk .e 65

0 WLm 117

[8]kE, EZ VB 1

[D]DO, 8: 81

w:. #] 38

w. 38, 42, 44

(g -v 42, 44

p:d. -v 38

CA -v 19

RA -v 34

z5 #] 20, 35

%X

ASN.1 78

CCITT 78

ISO 78

ITU 65, 78

RFC 2459 65

X.509v3 65

X.680 78

%X .e 65

%, (g %LM#L:

(g NW WLm 120

8:dR /| WLm 119

R: 118

BNH #<< 118

BNH *R 119

C:[ WLm 121

5b^B #<< /| WLm 119

L%. I"5 117

L%. &n 117

0 117

Je, (g L%. 113

[O]#:. L' 38, 42

.e

3Nk 67

xk 67

d; e' 68

Nu 64

%X 65

.e 0 gk .e 65

[}Z]4758 CA ANDO 5

4758 9& 14

4758 O#- ZAN<- 62

|. 62

9& 14

O#- ZAN<- 71

AAIX

iw 13

9x 13

ASN.1 78

AuditClient.ini 10, 105

AuditServer.ini 10, 100

CCA -v

|. 18

8: DO 82

NW 28

sB 29

;kZ w. 19

z5 #] /f 20

CRL 3$ /f 20

CA(Nu b|)

h~ 64

s# Nu 64

Nu /?.< 107

CCITT 78

CRL Ph wN. .e 65

CRL(Nu kR qO) 68

3$, /f 20

vm 21

[: #] 20

vN 149

DDB2 %LM#L: 76

|. 56

NW 60

sB 57

DES 62

DNS VR 23, 26

HHTTP Server 16

|. 16

NW, !K 18

sB 16

HTTP ServerNW /f 18

IIBM HTTP Server 16, 77

ICL(_`H Nu qO) 70

IniEditor /?.<

E3/v _! 12

E3/v m} 11

gk} 11

=G _! 11

G` 9

DO ze 12

IP 0m v$ 77

IP VR 6:) 23, 26

IP VR, /f 12

ISO 78

ITU %X 65, 78

Jjonahca.ini 10, 82

jonahra.ini 10, 91

LLDAP, (f. p:d. W<: ANd

]) 60

MMAC 0 70

PPKIX ^Cv 63

RRA |.Z _! 31

RA -v 30

|. 30

8: DO 91

p:d.G w. /f 38

p:d.G #:. L' /f 38

NW 36

sB 36

gC5 #] /f 35

;kZ w. /f 34

z5 #] /f 35

RA L%. 74

RA(nO GQ)

|.Z 71

|.Z _! 32

$8 71

9x0 |.Z _! 31

9x0 RA |.Z _! 31

RA gkZ /?.< _! 32, 109

RFC 2459 65

RSA 62

SSQL mIn 32

TTrust Authority

|. 5

Trust Authority (hS)

iw 13

8H 63

9x 13

3m 1

&n /?.< 7

IP VR, /f 12

UURI 28

WWebSphere Application Server 14, 76

|. 14

NW 15

sB 14

Windows NT

iw 13

9x 13

XX.509v3 65

X.680 78


IBM

ANW% x#: 5648-D09

SA30-0875-00

IBMpublib.boulder.ibm.com/tividd/td/PKI/SH09-4532-02/ko_KO/PDF/iausmst.pdf · Start_TA.sh v Windows...

Documents

Transcript of IBMpublib.boulder.ibm.com/tividd/td/PKI/SH09-4532-02/ko_KO/PDF/iausmst.pdf · Start_TA.sh v Windows...