Migrating the DCAS server to use AT-TLS policies

You must migrate DCAS configuration files to use AT-TLS policies.

Complete the following steps to migrate the DCAS server to use AT-TLS policies:
  1. Customize the DCAS server for TLS/SSL. For more information, see Customizing DCAS for TLS/SSL.
  2. Migrate the DCAS configuration file. For more information about DCAS configuration keywords and equivalent AT-TLS policies, see Table 1.
Table 1. Migrating existing DCAS server to use AT-TLS policies
DCAS configuration AT-TLS equivalent statement AT-TLS policy statement
ClientAuth Local1

HandshakeRole ServerWithClientAuth

ClientAuthType Required

TTLSEnvironmentAction

TTLSEnvironmentAction ->
TTLSEnvironmentAdvancedParms
ClientAuth Local2

HandshakeRole ServerWithClientAuth

ClientAuthType SAFCHECK

TTLSEnvironmentAction

TTLSEnvironmentAction ->
TTLSEnvironmentAdvancedParms
IPADDR LocalAddr TTLSRule
KEYRING Keyring

TTLSEnvironmentAction ->
TTLSKeyringParms
LDAPPORT GSK_LDAP_SERVER_PORT

TTLSEnvironmentAction ->
TTLSGskAdvancedParms ->
TTLSGskLdapParms
LDAPSERVER GSK_LDAP_SERVER

TTLSEnvironmentAction ->
TTLSGskAdvancedParms ->
TTLSGskLdapParms
Port LocalPortRange TTLSRule
SAFKEYRING Keyring

TTLSEnvironmentAction ->
TTLSKeyringParms
STASHFILE KeyringStashFile

TTLSEnvironmentAction ->
TTLSKeyringParms
V3CIPHER V3CipherSuites

TTLSEnvironmentAction ->
TTLSCipherParms
Parent topic: Express logon services with the Digital Certificate Access Server