Securing WebSphere® Application
Server consists of securing IBM® HTTP
Server (IHS), which is installed with WebSphere Application Server; securing
the WebSphere Application
Server HTTP plug-in; and securing the WebSphere Application Server environment.
Procedure
- You must secure IBM HTTP Server and WebSphere Application
Server for client certificate authentication by completing the tasks
that are described in section 8.7 of the WebSphere Application Server V7.0 Security Guide.
Important: If you do not secure IBM HTTP Server and the WebSphere Application Server HTTP plug-in,
then SSL communication does not function. As a result, the client
certificate is not sent to WebSphere Application
Server.
- For instructions on securing the WebSphere Application
Server environment, review the article Advanced security hardening in WebSphere Application
Server V7, V8, and V8.5, Part 1: Overview and approach to security
hardening in the IBM WebSphere Developer Technical Journal.
- Restart the WebSphere Application Server to complete the
configuration changes.