IBM Sterling: Configurando comunicação TLS entre os componentes: Difference between revisions
| Line 30: | Line 30: | ||
Keystore and truststore configuration ... | Keystore and truststore configuration ... | ||
Provide the path to your java keystore file [..\conf\security\CCenter.keystore]: ''' | Provide the path to your java keystore file [..\conf\security\CCenter.keystore]: '''/home/iccuser/IBM/CC/keystore_testnet.jks''' | ||
Please provide password to the keystore (at least 6 chars, no blanks): <SENHA_KEYSTORE> | Please provide password to the keystore (at least 6 chars, no blanks): <SENHA_KEYSTORE> | ||
Re-enter Password: <SENHA_KEYSTORE> | Re-enter Password: <SENHA_KEYSTORE> | ||
Informe o Alias da key que iremos usar: | Informe o Alias da key que iremos usar: | ||
These are the aliases found in the keystore /home/iccuser/IBM/CC/keystore_testnet.jks | |||
[TESTNET_KEY_CCSERVER] | [TESTNET_KEY_CCSERVER] | ||
Enter Alias for Key: [TESTNET_KEY_CCSERVER] : | Enter Alias for Key: ['''TESTNET_KEY_CCSERVER'''] : | ||
Informar a senha e o local do Truststore | Informar a senha e o local do Truststore | ||
Provide the path to your trust store file [..\conf\security\CCenter.truststore] : ''' | Provide the path to your trust store file [..\conf\security\CCenter.truststore] : '''/home/iccuser/IBM/CC/truststore_testnet.jks''' | ||
= Configurando o IBM Sterling B2B Integrator para SSL= | = Configurando o IBM Sterling B2B Integrator para SSL= | ||
Revision as of 22:01, 2 November 2020
Criando as chaves
Quando criarmos as requisições de assinatura (CSR), você irá utilizar o artigo OpenSSL: Assinando um CSR com a nossa CA.
IBM Sterling Control Center
Configuração do Keystore/Truststore via configCC
Execute o Configuration Manager
iccuser$ /home/iccuser/CC/bin/configCC.sh
Será perguntado sobre configurar o Keystore/Truststore
--------------------------------------------------------------------
Config step : Keystore / truststore configuration ...
Warning: Specify a valid keystore.(See the documentation to build one)
Otherwise the secure connectors may not start.
--------------------------------------------------------------------
Do you want to configure the keystore and truststore files? (Y/N) Y
Are you sure about your selection? (Y/N) Y
Informar a senha e o local do Keystore
Keystore and truststore configuration ... Provide the path to your java keystore file [..\conf\security\CCenter.keystore]: /home/iccuser/IBM/CC/keystore_testnet.jks Please provide password to the keystore (at least 6 chars, no blanks): <SENHA_KEYSTORE> Re-enter Password: <SENHA_KEYSTORE>
Informe o Alias da key que iremos usar:
These are the aliases found in the keystore /home/iccuser/IBM/CC/keystore_testnet.jks [TESTNET_KEY_CCSERVER] Enter Alias for Key: [TESTNET_KEY_CCSERVER] :
Informar a senha e o local do Truststore
Provide the path to your trust store file [..\conf\security\CCenter.truststore] : /home/iccuser/IBM/CC/truststore_testnet.jks
Configurando o IBM Sterling B2B Integrator para SSL
1) Ir para o diretório properties
cd /home/siuser/SI/properties
1) Editar o arquivo customer_overrides.properties e adicionar
noapp.HTTPS_REDIRECT_WARS=admin,dashboard,gbm,communitymanagement,myaft,portlets,filegateway,myfilegateway,myfg noapp.SKIP_BASEPORT_DEPLOYMENT_WARS=admin,dashboard,gpm,communitymanagement,myaft,portlets,filegateway,myfilegateway,myfg noapp.HTTPS_LIST_PORT=5001
Se quiser alterar o certificado também
noapp.sslCert=<CERTIFICADO_INTERNO_CRIADO>
Salvar o arquivo
2) Editar o arquivo sandbox.cfg e alterar
WEBAPP_LIST_PORT=5001 WEBAPP_PROTOCOL=https
Salvar o arquivo
3) Pare o B2Bi/SFG
4) Executar os commandos
cd /home/siuser/SI/bin ./setupfiles.sh ./deployer.sh
5) Inicie o B2Bi/SFG