IBM WebSphere DataPower SOA Appliances is a family of purpose-built, easy-to-deploy network devices (XML appliances) that simplify, help secure, and accelerate XML and Web Services deployments while extending SOA infrastructure.
Venafi has a driver to interact with and provide full provisioning of certificates to this device and application.
Create the application object first:
Steps to configure the DataPower application object:
Complete the DataPower object:
- Uncheck Processing Disabled
- Associated certificate is where you would manually choose what existing certificate applies to this driver. This is the certificate installed on the application.
- If this does not yet exist then there is no need to select Edit.
- Description - Create a description for the DataPower object
- Contact - User or group identities assigned to this object, The default notifications are sent to these
- Approver - User or group identities assigned to approve Workflow
- Application Credentials - Set up credentials to authenticate with the application
- SSH Port – select SSH port to use
- Hostname/Address of your SFTP server to intermediately hold the certificate data
- Enter the credentials to access the SFTP server
- Enter the path to the Keystore
- Select the port to use for this communication
- Enter your DataPower Application Domain
- Select Certificate only or Both Certificate and Private Key depending on your needs
- Select Validation, Identification, and Crypto checkboxes where applicable to your specific DataPower setup
SSL Proxy Profile Configuration -DATAPOWER SPECIFIC
Enter SSL Proxy Profile (Like Network interface for DataPower)
Create credential for the private key you are creating
Certificate and Private Key Settings
Choose if you want to install the full certificate chain
Choose if you want to use FIPS
Other fields will become populated
Select the Edit button and populate the fields if a certificate already exists on the DataPower appliance
DataPower Driver Stages: