Interoperating with previous product versions

IBM WebSphere Application Server inter-operates with the previous product versions. Use this topic to configure this behavior.

Before you begin

Interoperability is achieved using the z/SAS security mechanism for local OS and SAF-based authorization.

Important:

Procedure

  1. If Secure Sockets Layer (SSL) is configured on a previous product version, your servers must have a basis to establish trust. Using Resource Access Control Facility (RACF), your system can check to ensure that the intermediate server can be trusted. To confer this level of trust, CBIND authorization is granted by administrators to RACF user IDs that run secure system code. System SSL repertoires use a System Authorization Facility (SAF) keyring to retrieve the personal certificate and trust stores. You must connect the trust basis for the server certificates of the previous version server with the keyring of the current server version. Note that in a default setup, the server certificate refers to the certificate authority certificate in the previous statement.
  2. Extract and add server certificates into the server key ring file of the previous version.
    1. Open the server key ring file using the key management utility (iKeyman) and extract the server certificate to a file.
    2. Open the server key ring of the previous product version, using the key management utility and add the certificate that is extracted from your current version of WebSphere Application Server.
  3. Extract and add trust certificates into the trust key ring file of the previous product version.
    1. Open the trust key ring file using the key management utility and extract the trust certificate to a file.
    2. Open the trust key ring file of the previous product version using the key management utility and add the certificate that is extracted from the product.
  4. If single sign-on (SSO) is enabled, export keys from the product and import them into the previous product version.
    Note: It is also possible to export keys from some previous product versions and import them to the current version.
  5. Verify that the application uses the correct Java Naming and Directory Interface (JNDI) name.
  6. Stop and restart all the servers.
  7. Make sure that the correct naming bootstrap port is used to perform naming lookup.
Task topic    

Terms of Use | Feedback

Last updated: Sep 20, 2010 10:03:57 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=vela&product=was-nd-zos&topic=tsecinteroperaten
File name: tsec_interoperaten.html