Configuring Secure Connections to a Sterling External Authentication Server

In addition to defining which external authentication server to use for secure connections, you must also configure the secure connection in both IBM® Sterling Control Center Monitor and Sterling External Authentication Server.

About this task

To secure your connection between IBM Sterling Control Center Monitor and Sterling External Authentication Server, you must define a keystore and truststore in IBM Control Center. You can configure only one keystore and truststore for IBM Sterling Control Center Monitor. You use the same keystore and truststore that you configured for both secure client connections and for secure connections to monitored servers. The truststore must contain either the self-signed certificate or the CA trusted certificate for SEAS. You also need to configure the Secure Listener, and the keystore and truststore information in Sterling External Authentication Server System Settings.

To secure connections to a Sterling External Authentication Server:

Procedure

  1. Configure the IBM Sterling Control Center Monitor keystore and truststore by using the IBM Sterling Control Center Monitor configCC utility. Refer to Changing system settings after installation for more information on running the configCC utility.
  2. Enable Sterling External Authentication Server to accept secure connections. At a minimum, you must configure the following information in the System Settings user interface in the Sterling External Authentication Server:
    1. Specify and enable a secure listener port by defining Listener Connection Settings in the Sterling External Authentication Server System Setting Global tab. Refer to Settings Listener Connection Settings in the Sterling External Authentication Server knowledge center.
    2. Configure a keystore file by defining the SSL keystore file and password on the System Settings SSL tab in Sterling External Authentication Server
    3. Configure a truststore file by defining the Trusted Certificates file and password on the System Settings Trusted Certificates tab in the Sterling External Authentication Server.