Tivoli Header

Tivoli Storage Manager for Windows Backup-Archive Clients Installation and User's Guide


Appendix E. Web Client Secure Socket Layer

When administrators sign onto the backup server using the administrative Web interface client, they provide a user ID and password. The backup server generates a security token for this user ID, and this token is used to verify the administrative Web interface each time it issues a command to the server. The security token is encrypted, and expires after a certain period of time. When the administrator, after signing onto the backup server, hyperlinks to the Web backup-archive client, the security token is passed to the Web client and is used to authenticate the user ID. Since this token permits the user access to the client, the Web client provides the user the option to securely pass this information from the administrative Web interface to the Web client using the HTTPS protocol.

HTTPS is simply the HTTP protocol transmitted over a secure socket layer. If your administrators are hyperlinking to client machines to use the Web client, and you need to protect the security token when it is transmitted over the network, then you should configure the Web client for SSL so that the HTTPS protocol can be used.

The following sections contain information that will help you manage SSL communications:

To support SSL, the product install package includes utilities to create and maintain certificates. SSL communication is supported on the Windows NT client only. You can use the Make Key File utility (MKKFE) to create public-private key pairs and certificate requests, receive certificate requests into a key ring, and manage keys in a key ring. MKKFE prompts you for the necessary information. Optionally, after you have created a certificate request, you can send it to a Certificate Authority (CA) to have it signed.


[ Top of Page | Previous Page | Next Page | Table of Contents | Index ]