Brocade Communications Systems 53-1001778-01 User Manual

Page 65

Advertising
background image

Brocade SMI Agent User’s Guide

49

53-1001778-01

Client configuration to use client certificates

4

.client.ind.truststore

clientind.cer

There are three ways to configure a WBEM client to use a client certificate with the SMI-A:

using a property file

using system property values when invoking the WBEM client

using a WBEM client listener program (mutual authentication for indications only)

Configuring a client to use client certificates using a property file

1. Create a WbemClient.properties file, which contains information for the configuration of the

client keystore and truststore.

For example, if the SMI-A is installed under D:\smiagent, the contents of the
WbemClient.properties file should be as follows.

Mutual authentication for clients:

javax.net.ssl.keyStore=D:/smiagent/agent/client/.client.keystore
javax.net.ssl.keyStorePassword=SSLclient
javax.net.ssl.trustStore=D:/smiagent/agent/client/.client.truststore
javax.net.ssl.trustStorePassword=trustSSLclient

Mutual authentication for indications:

wbem.indications.keyStore=D:/smiagent/agent/client/.client.ind.keystore
wbem.indications.keyStorePassword=SSLindication
wbem.indications.trustStore=D:/smiagent/agent/client/.client.ind.truststore
wbem.indications.trustStorePassword=trustSSLindication

Note that both the javax.net.* properties and the wbem.indications.* properties can be
specified in the same WbemClient.properties file.

2. Modify the CLASSPATH environment variable to reference this file.

The CLASSPATH should contain only the path to the directory where the file is present and not
the path to the file itself. For example, if the WbemClient.properties file is located at
C:\SMIAgent\agent, then the CLASSPATH environment variable should be:

C:\SMIAgent\agent

Configuring a client to use client certificates using system property
values

Pass the required system properties as jvm parameters on the command line, using the -D
option as follows.

Mutual authentication for clients:

java -classpath <SMIAgent>/agent/lib/wbem.jar
-Djavax.net.ssl.keyStore=<SMIAgent>/agent/client/.client.keystore
-Djavax.net.ssl.keyStorePassword=SSLclient
-Djavax.net.ssl.trustStore=<SMIAgent>/agent/client/.client.truststore
-Djavax.net.ssl.trustStorePassword=trustSSLclient
clientprogram

Advertising
Popular Brands
Popular manuals