Cisco Cisco Prime Optical 9.6 Developer's Guide
Cisco Prime Optical 9.6.3 GateWay/CORBA Programmer Reference Guide
OL-28047-01
737
6.12 Using the CLI to Start and Stop GateWay/CORBA
Prime Optical can manage the GateWay/CORBA service from the command line:
• To start a GateWay/CORBA service, run the
• To start a GateWay/CORBA service, run the
/opt/CiscoTransportManagerServer/bin/gwcorba-start script from the command line.
• To stop a GateWay/CORBA service, run the
/opt/CiscoTransportManagerServer/bin/gwcorba-stop script from the command line.
Only Prime Optical users with administrative privileges can run these scripts. If the
GateWay/CORBA service is already running and you attempt to run the gw-start script, the
script exits with the message “GWCORBA already running.” If the GateWay/CORBA service is
stopped and you attempt to run the gw-stop script, the script exits with the message
“GWCORBA not running.”
You must have a Prime Optical username and password with a SysAdmin or SuperUser profile
You must have a Prime Optical username and password with a SysAdmin or SuperUser profile
to start or stop the scripts.
6.13 Configuring Secure Socket Layer for GateWay/CORBA
To ensure network security, CORBA calls can be made over Secure Socket Layer (SSL).
The current JacORB implementation is precompiled with JacORB security libraries. To configure
The current JacORB implementation is precompiled with JacORB security libraries. To configure
SSL for GateWay/CORBA, you must set up a keystore and configure the properties in the client-
side jacorb.properties file.
The client must enforce SSL by modifying the jacorb.properties file. The server-side keystore is
The client must enforce SSL by modifying the jacorb.properties file. The server-side keystore is
generated using the JSSE keystore. Prime Optical bundles a default keystore and a certificate for
the GateWay/CORBA service.
As explained in the following sections, you must generate the server-side certificate and add it
As explained in the following sections, you must generate the server-side certificate and add it
to the client-side keystore; then generate and add the client-side certificate to the server-side
keystore.
6.13.1 Generating the Server-Side Certificate
Step 1
Enter the keytool command to generate a keystore and a key:
keytool -genkey -alias gwcorba_service -validity 25000 -keystore
gwcorba_service_ks -storepass gwcorba_service_ks_pass -keypass
gwcorba_service_ks_pass
gwcorba_service_ks -storepass gwcorba_service_ks_pass -keypass
gwcorba_service_ks_pass
What is your first and last name?
[Unknown]: gateway corba server
What is the name of your organizational unit?
[Unknown]:
What is the name of your organization?
[Unknown]: cisco
What is the name of your City or Locality?
[Unknown]: