Enable remote access to your servers

 

+

Search Tips   |   Advanced Search

 

The portal site management publish feature requires at least two portal systems:

For the source and target servers, you can use two different portal environments, including virtual portals on the same or different environments. In order to display the contents of the systems in the Resource Manager portlet, make sure that they are configured properly. By default, the portal server is pre-configured to allow remote access. However, more complex production and security configurations may disable this access. If any of the servers are enabled for SSL, perform additional steps on the server where you will manage your site.

If you have a portal cluster, run the enable-http-basic-auth-tai-sitemgmt task before you start managing your site. A WAS Trust Association Interceptor (TAI) is used to authorize access to the servers.

If you have determined that the TAI is not enabled in the administrative console, run the task enable-http-basic-auth-tai-sitemgmt, as described in the following.

Individual virtual portals on a single portal server do not require the enable-http-basic-auth-tai-sitemgmt task to be run more than once on the same server.

  1. Open a command prompt and change to the directory where WebSphere Portal ConfigEngine is installed, on the corresponding operating system:

      cd profile_root/ConfigEngine
      ConfigEngine.sh enable-http-basic-auth-tai-sitemgmt -DPortalAdminPwd=password -DWasPassword=password

    This task uses the settings in the file wkplc_comp.properties to configure the TAI. Although the TAI settings are pre-configured to work without requiring adjustment, you can change the settings before running the task if configure the TAI differently.

  2. Cycle the portal.

  3. Optional: Perform this step if you have SSL configured. Establish trust between two WebSphere cells:

    1. For preparation, determine the URL to the administrative console of the client WebSphere cell. For example, this can be similar to https://myclientserver.yourco.com:9043/ibm/console.

    2. Open the administrative console by using the URL that you obtained by the previous step.

    3. Click...

    4. On the Key stores and certificates panel click CellDefaultTrustStore or NodeDefaultTrustStore, depending on whether you have a cluster or single node configuration.

    5. On the xxxDefaultTrustStore panel, locate the column Additional properties and click Signer certificates.

    6. On the Signer certificates panel click the button Retrieve from port.

    7. Fill in the fields and select the options as follows:

      Host

      The host name of the client server, for example your_target_server.your_co.com.

      Port

      The secure port on the client server, for example 9043.

      SSL configuration for outbound connection

      Select the SSL configuration for the outbound connection, such as CellDefaultSSLSettings or NodeDefaultSSLSettings.

      Alias

      The alias name, for example name_of_your_alias.

    8. Click the button Retrieve signer information. The signer information is displayed.

      If you see the error message CWPKI0661E: Unable to get certificate signer information from host name "yourtargetserver.yourco.com" and port "9043". Verify host name and port are correct, this can usually be for one of two reasons:

      • A certificate has already been imported from the target location.

      • A previously deleted certificate has not timed out and been removed.

    9. Click OK. Your alias is now shown in the list.

    10. Click Save.

    11. Cycle the portal.

    12. Optional: At this time, if you have a clustered environment without automatic synchronization, resynchronize the node agents.


Parent topic:

Manage your site


Related tasks


Manage your servers
Publish your page
Providing reviewer access to a published page
Promote your page
Demote your page
Republishing and promoting a page


Related reference


Site management extension of the Portal Scripting Interface