Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure communications


Configure the web server plug-in for SSL

This topic documents the configuration that is necessary to instantiate a secure connection between the web server plug-in and the internal HTTP transport in the web container for the Application Server.

WAS has an internal HTTP transport that accepts HTTP requests. If you install an external HTTP server, the web server plug-in must forward requests from the external HTTP server to Application Server internal HTTP transport. Follow instructions provided by your HTTP vendor to install and configure your HTTP server. Test your HTTP server by accessing http://your-host-URL and https://your-host-URL. You should also have a web server plug-in installed. See the instructions for installing the HTTP Server and the web server plug-ins. They also describe how to enable the plug-in to load the correct libraries for Secure Socket layers (SSL) on Solaris x64.


Procedure

  1. Create a directory on the web server host for storing the key ring file that is referenced by the plug-in and associated files, for example: plugin_install_root/etc/keys.

  2. From the admin console, click Servers > Web servers.

  3. Select the web server name.

  4. Click Plug-in properties.

  5. Click Manage keys and certificates to access configuration options for your keys and certificates. By default, you can change your password used to protect the key store.

  6. Click OK.

  7. Click the web server keystores button to copy the key store and to stash files to a managed web server. For non-managed web servers, use FTP to copy them.

  8. Under Additional Properties, you can also select one of the following:

    • Signer certificates - Use to add new certificates, delete certificates, extract certificates, and to retrieve certificates from a port.
    • Personal certificates - Use to create a new chained or self-signed certificate, delete a certificate, or to import and export a personal certificate.
    • Personal certificate requests - Use to manage personal certificate requests.
    • Custom properties - Use to define custom properties for the key store.


Results

The IBM HTTP Server plug-in and the internal Web server are configured for SSL.


Related


Web server plug-in default configuration in SSL
Web server plug-in default configuration in SSL
Certificate management in SSL
Install IBM HTTP Server
Create a self-signed certificate
Extract a signer certificate from a personal certificate

+

Search Tips   |   Advanced Search