Ca root certificate distribution – Nortel Networks NN42030-300 User Manual

Manage TLS certificates

41

/usr/java/jdk1.5.0_03/bin/keytool -storepasswd
-new <new_password> -storepass <od_password>
-keystore /opt/SQMobilityGW

where

<old_password> is the existing keystore password.
<new_password> is your chosen password.

4

Change the working directory:

cd /opt/SQmobilityGW/tomcat/conf/

5

Open the server.xml file using an available editor (for example,
vi).

6

Locate the following default line:

clientAuth="false" sslProtocol="TLS" key
storeFile="/opt/SQMobilityGW/.keystore"
keypass="firsthand"

7

Change

keypass="firsthand"

to

keypass="<new_passwo

rd>"

.

where

<new_password> is the password entered in the

keytool command.

8

Save and close the server.xml file.

9

Restart the service:

sudo /sbin/service mobilitygw restart

--End--

CA root certificate distribution

You must ensure the CA root certificate is installed (in DER format) on all
mobile client devices that register with the MCG 3100 Server. Depending
on which CA you choose, the root certificates are preinstalled or you
distribute the root certificates to the clients for manual installation.

Various methods of root certificate distribution are available. Typically, the
administrator e-mails the root certificate to the mobile client users who
need it (Windows Mobile Single Mode and Nokia clients). The users must
install the certificate on their devices.

After the user installs the root certificate, the mobile client communicates
with the MCG 3100 using TLS security.

Nortel Mobile Communication 3100 Series Portfolio

Nortel Mobile Communication Gateway 3100 Installation and Upgrades

NN42030-300

02.03

Standard

9 May 2008

Copyright © 2007, 2008 Nortel Networks

.