Home » IBM Manuals » Computer Software » IBM E02HRLL-G » Manual Viewer

IBM E02HRLL-G Administration Guide - Page 57

Configuring the certpath related properties, Configuring CRLDP

Add to My Manuals
Save this manual to your list of manuals

Page 57 highlights

1. In the Console, navigate to Profile > {Partner} > Certificate > Certificate Management 2. If you have logged in as a Hub Operator, then choose an internal partner and external partner. Make sure that both the values are not ″ALL″. 3. Click Search to filter partners or subset of partners. Note: The From and To packages are preloaded based on the partners. The subsets will also be displayed in the table based on your selection. The table columns have SSL client, Digital Signature (this will be disabled when the From partner is set to ″ALL″) and encryption (will be disabled if the To partner is set to ″ALL″. The rows have operation type). 4. Update the Certificate sets and click Save. The changes will be reflected at the connection level. Configuring the certpath related properties The certpath properties can be configured using the WebSphere Application Server admin console and the WebSphere Partner Gateway console. Access these properties by clicking System Configuration > DocMgr Configuration > Security. The properties are displayed using a read-only view. If you want to edit them, click the Edit icon. The following descriptions are brief summaries of the configuring process used with the certpath related properties. bcg.CRLDir This property contains the name of the directory where the CRLs are stored. The default value is: /common/security/crl bcg.checkRevocationStatus This property specifies if the revocation status is checked. The valid values for this property are true, false and blank. If the value is set to either true or blank, the revocation status of the digital certificates is checked. If the value is set to false, the revocation status is not checked. The default value and recommended setting of this property is true. bcg.build_complete_certpath This property specifies if the certpath is built to the root certificate or to the issuer certificate. The valid values for this property are true, false and blank. If the value is set to true or blank, the certpath is built to the root certificate. If the value is set to false, the certpath is built to the issuer certificate only. The default value and recommended setting of this property is true. Configuring CRLDP Configuring CRL DP (Certificate Revocation List Distribution Point) requires you to: v Set the Java Virtual Machine to enable or disable CRLDP v Set the HTTP proxy host and port Changing the Java Virtual Machine settings for CRLDP: Chapter 5. Account administration tasks 51

Section	Page
Contents	3
Chapter 1. About this book	7
Audience	7
Roles, access levels, and responsibilities	7
Typographic conventions	8
Related documents	9
New in release 6.2	9
Chapter 2. Managing the WebSphere Partner Gateway component applications	11
Managing WebSphere Partner Gateway components in a simple mode system	11
Managing WebSphere Partner Gateway components in a distributed mode system	12
The Deployment Manager	13
Starting and stopping servers from the command line	14
Starting and stopping FTP Management Server from command line	14
Starting and stopping the components in a simple distributed mode system	15
Starting servers in a simple distributed mode system	15
Stopping servers in a simple distributed mode system	16
Starting and stopping the components in a full distributed mode system	17
Starting servers in a full distributed mode system	17
Stopping servers in a full distributed mode system	18
Chapter 3. Basic Community Console tasks	21
Logging in to the Community Console	21
Navigating through the Community Console	22
Community Console icons	22
Logging off from the Community Console	24
Chapter 4. Hub administration tasks	25
Managing password policy	25
Changing database connectivity, database user and password	26
Managing event codes	26
Viewing and editing event codes	27
Exporting event code names	27
Specifying events that can be notified	28
Document Validation Errors	28
Managing receivers	28
Viewing and editing receiver details	28
Enabling or disabling receivers	28
Deleting receivers	29
Localizing HTTP synchronous target time out	29
Managing interactions and document definitions	29
Managing XML formats	30
Large file support	31
Enabling or disabling actions	31
Managing handlers	31
Importing a handler	32
Deleting a handler	32
Configuring the content-type attribute in handlers	32
Managing maps	33
Updating validation maps	33
Viewing validation maps Where used	33
Deleting validation maps	33
Managing transformation maps	33
Managing EDI FA maps	34
Managing EDI	34
Envelope profile	34
Enveloper	35
Connection profiles	36
Control number initialization	36
Current control numbers	37
Managing system configuration data	38
Configuring the alert mail server	39
Viewing system activity	39
Managing event delivery	40
Managing API calls	40
Managing Document Manager information	41
Maximum hold time	41
Maximum files-per-poll-interval	41
Supporting ebMS	42
Uploading a CPA to WebSphere Partner Gateway	42
Non-prepopulated attributes	43
Algorithms supported by the ebMS	44
Configuration details for validating Webservices	44
Using non-repudiation logging	45
Using message store	45
Prerequisite to setup WebSphere Partner Gateway - WebSphere Transformation Extender Integration Environment	46
Chapter 5. Account administration tasks	47
Managing partner profiles	47
Viewing and editing partner profiles	47
Searching for partners	47
Deleting partners	48
Managing destination configurations	48
Required information for destination configuration	48
Viewing and editing destinations	49
Viewing and editing default destination	51
Viewing destination Where used	51
Deleting destination	51
Uploading transports	52
Deleting transports	52
Transport and destination retries	52
Forward proxy support	55
Managing certificates	55
Configuring the certpath related properties	57
Viewing and editing digital certificates	58
Disabling a digital certificate	59
Changing B2B attribute values	59
Managing partner connections	60
Connection components	60
Connection duplication	61
Searching for connections	61
Changing connection configurations	63
Managing exclusion lists	64
Adding partners to the exclusion list	65
Editing the exclusion list	65
Chapter 6. Administering partner migration	67
Using the migration utility from the command line	67
Invoking from the command line	69
Mapping of XML element with Console	71
Exporting partner migration	73
Considerations when creating your own import data	75
Manual validation of the import file	75
Migration configuration type dependencies	75
Export/Import order	78
BCG and DIS Import	79
Non-migratable configurations	79
Limitations of the migration utilities	79
Forward proxy migration	79
Chapter 7. LDAP support for logon authentication	81
Using LDAP	81
Enabling the container managed authentication mechanism	81
Enabling J2EE security	81
User names and groups	82
Stopping the use of LDAP authentication	82
Sample LDAP configuration	83
Configuring the WebSphere Application Server for the standalone IBM Tivoli Directory Server	83
Specifying LDAP users to use the WebSphere Partner Gateway Console	85
Chapter 8. Support for IPv6	87
Enabling tunneling IPv6 over IPv4	87
RHEL Linux 3	87
Windows 2003/XP	87
HP-UX 11i	88
Enabling IPV6	88
Configuring attributes	89
Chapter 9. Managing the Destination Queue	91
Viewing the Destination Queue	91
Viewing queued documents	92
Stopping the processing of documents from the destination queue	93
Viewing destination details	94
Changing destination status	94
Chapter 10. Analyzing document flows	95
Document Analysis tool	95
Viewing the state of documents in the system	96
Viewing documents in the system	96
Viewing process and event details	97
Document Volume Report	97
Creating a Document Volume Report	97
Exporting the Document Volume Report	98
Printing reports	98
Test Partner Connection	98
Pinging ebMS partners	99
Web Server result codes	99
EDI Reports	102
EDI FA Overdue Search	102
EDI Rejected Transaction Search	103
FTP Reports	105
FTP Statistics	105
FTP Connections	105
Chapter 11. Viewing events and documents	107
Event Viewer	107
Event types	108
Searching for events	108
Viewing event details	109
Error events	109
AS Viewer	110
Searching for messages	111
Viewing message details	112
RosettaNet Viewer	113
Searching for RosettaNet processes	113
Viewing RosettaNet process details	114
Viewing raw documents	115
Document Viewer	115
Searching for documents	115
Viewing document details, events, and raw documents	117
Mass document resend	118
Viewing EDI documents	119
Document Validation Errors	120
Viewing data validation errors	121
Stopping a document that is in process	122
Re-sending failed and successful documents	122
ebMS Viewer	124
Searching for ebMS processes	124
Viewing ebMS process details	125
Viewing raw documents	125
Requesting and viewing the status of a document	126
Destination Queue	126
Chapter 12. Simulating production traffic	127
Preparing to test	128
Setting up test scenarios	128
Sample scenarios	129
Uploading and viewing your requests and responses	131
Initiating and viewing document type	131
Searching for an open document	132
Responding to an open document	132
Removing an open document	133
Chapter 13. Archiving	135
Archiver configuration	135
View archiver task	135
Archiver task modification	137
Export and Import of archiver configuration	138
Archiver runtime tasks	138
Archiver reports	139
Archiver Restore	141
Restoring archived data of WebSphere Partner Gateway V6.1 and earlier	142
Searching the restored documents	142
User intervention for archiving	143
Archiver Restrictions	144
Chapter 14. Using logging and tracing features	145
Log and trace files	145
Log file management	146
Trace file management	147
Configuring tracing in a simple mode system	148
Setting tracing in a distributed mode system	148
Tracing tasks common to both types of systems	149
Setting log detail levels	150
Identifying WebSphere Partner Gateway trace messages	151
EDI, XML, ROD subcomponent tracing	151
Interpreting WebSphere Application Server log and trace messages	152
WebSphere Application Server event types	152
Integrated FTP Server logging	152
Chapter 15. FTP Server Configuration Management	155
FTP user management	156
Chapter 16. Relocation and Redeployment of WebSphere Partner Gateway	157
Prerequisites	157
Restoring the configuration details	158
Changing host name and IP address of WebSphere Partner Gateway	158
Changing the host name and port number of database	159
Changing the port numbers	159
Relocation and redeployment examples	160
Chapter 17. Troubleshooting	163
Avoiding long processing time on large encrypted AS documents	164
Avoiding long processing time for large encrypted documents	165
Avoiding out-of-memory errors	165
Document Manager memory configuration	165
Document Manager workload	166
Document structure	166
Increasing the heap size	166
Collating data for multiple languages	166
Ensuring sufficient virtual memory for DB2 agents	167
Fixing DB2 SQL errors	167
SQLCODE -444 error	168
SQLCODE -289 error	168
SQLCODE -1225 error	168
SQL 0964C Transaction log full error on the BCGMAS database	168
IBM service log unreadable	169
WebSphere Application Server informational messages	169
Increasing the Receiver timeout setting	169
Optimizing database query performance	170
Resolving event 210031	170
Documents routed twice when network is lost or document manager server shutdown abruptly	171
0A1 generated with data validation errors	171
EDI reports export the first 1000 records only	171
Console does not start after a server restart	171
FTPScripting Receiver receives StringIndexOutofBoundsException	172
Error scenario	172
Working scenario	172
Receiver Failure to read Configuration File	172
Configuring Users to receiving Alerts Notification	172
Resolving ClassNotFoundException for User Exit classes	173
Reprocessing events and business documents that fail to log to the database	173
Disabling JIT in a WebSphere Application Server when WebSphere Partner Gateway produces a javacore	174
Defining a custom transport type	174
Resolving WebSphere Partner Gateway errors BCG210031 and BCG240415	174
Creating File directory destination on a drive other than C:	175
Preventing partner transactions from being processed by WebSphere Partner Gateway	175
Fixing the browser ERROR: 500	176
Downloading CRL for SSL transactions	176
Databinding in JMS Exports/Imports within WebSphere Process Server	177
Fixing test partner connection for SSL connections	178
Fixing errors BCGEDIEV0O56 and BCG210001	178
Fixing ORA-00988 error	178
Configuring Content-Types attribute for the fixed workflow handlers	178
Fixing BCG210013 error	179
Increasing buffer size to prevent document transmission low performance	180
WebSphere Partner Gateway hub installer logs error messages	180
DB password required error in bcgHubInstall.log	181
Using revocation check and using CRL DP support	181
Returning document volume report search information about the console	181
Loading the native library	182
Fixing error TCPC0003E and CHFW0029E	182
CA certificate expiration	183
VCBaseException in the SystemOut.log	184
Reporting file size for documents greater than 2 GB	184
SSL handshake fails because no certificate received	184
Fixing the hanging threads warning	185
Stopping the Document Manager exception	185
Fixing WebSphere MQ messages	186
MQJMS2007 error	186
MQJMS2013 error	187
java.security.InvalidKeyException: Illegal key size or default parameter	187
The MDN status of ′unknown′ for AS transactions	187
Servers fail to start after applying fixes	187
Correcting the shortcut ports for WebSphere Application Server	188
Avoiding duplicate document delivery when there is more than one router	188
Rendering of tab headings on displays with resolution greater than 1024	189
Documents not processed when using Oracle 9i Release 2	189
Document processing when the database goes down	189
java.lang.NoClassDefFoundError with reprocessDbLoggingErrors.bat	190
Recovery process when queue and disk is full or unavailable	190
Workflow Handler Runtime Error	190
Error while invoking WebSphere Transformation Extender Map	191
IBM Support Assistant (ISA) Plugin	191
Partner Migration Utility with LDAP	191
AS signature failure for interop content type	192
Appendix A - performance considerations	193
Managing queue overflow	193
Generating summary data	193
Appendix B - failed events	195
Appendix C - component-specific system attributes	229
Configuring attributes as WebSphere Application Server ND environment variables	229
Editing RosettaNet attribute values	229
Editing FTP Administration	230
Attribute tables	234
Notices	259
Programming interface information	261
Trademarks and service marks	261
Index	263
A	263
B	263
C	263
D	263
E	264
F	264
G	264
H	264
I	264
J	264
L	264
M	264
N	265
O	265
P	265
Q	265
R	265
S	265
T	265
U	266
V	266
W	266

Match case Limit results 1 per page

In the Console, navigate to

Profile

{Partner}

Certificate

Management

If you have logged in as a Hub Operator, then choose an internal partner and

external partner. Make sure that both the values are not

″

ALL

″

Click

to filter partners or subset of partners.

Note:

The

From

and

packages are preloaded based on the partners. The

subsets will also be displayed in the table based on your selection. The table

columns have SSL client, Digital Signature (this will be disabled when the

From

partner is set to

″

ALL

″

) and encryption (will be disabled if the

partner is set

″

ALL

″

. The rows have operation type).

Update the Certificate sets and click

Save

. The changes will be reflected at the

connection level.

Configuring the certpath related properties

The certpath properties can be configured using the WebSphere Application Server

admin console and the WebSphere Partner Gateway console. Access these

properties by clicking

System Configuration

DocMgr Configuration

Security

The properties are displayed using a read-only view. If you want to edit them,

click the

Edit

icon. The following descriptions are brief summaries of the

configuring process used with the certpath related properties.

bcg.CRLDir

This property contains the name of the directory where the CRLs are

stored. The default value is:

WebSphere Partner Gateway Install Dir

>/common/security/crl

bcg.checkRevocationStatus

This property specifies if the revocation status is checked. The valid values

for this property are true, false and blank.

If the value is set to either true or blank, the revocation status of the digital

certificates is checked. If the value is set to false, the revocation status is

not checked.

The default value and recommended setting of this property is true.

bcg.build_complete_certpath

This property specifies if the certpath is built to the root certificate or to

the issuer certificate. The valid values for this property are true, false and

blank.

If the value is set to true or blank, the certpath is built to the root

certificate. If the value is set to false, the certpath is built to the issuer

certificate only.

The default value and recommended setting of this property is true.

Configuring CRLDP

Configuring CRL DP (Certificate Revocation List Distribution Point) requires you

to:

Set the Java Virtual Machine to enable or disable CRLDP

Set the HTTP proxy host and port

Changing the Java Virtual Machine settings for CRLDP:

Chapter 5. Account administration tasks