This topic documents the configuration that is necessary to instantiate
a secure connection between the Web server plug-in and the internal HTTP transport
in the Web container for the Application Server.
Before you begin
WebSphere Application Server has an internal HTTP transport that
accepts HTTP requests. If you install an external HTTP server, the Web server
plug-in must forward requests from the external HTTP server to Application
Server internal HTTP transport. Follow instructions provided by your HTTP
vendor to install and configure your HTTP server. Test your HTTP server by
accessing http://your-host-URL and https://your-host-URL. You should also
have a Web server plug-in installed. For instructions on installing HTTP Server
and Web server plug-in, see Installing IBM HTTP Server.
If you are installing the HTTP Server and Web server plug-in on Solaris x64,
see Installing IBM HTTP Server for additional information
on enabling the plug-in to load the correct libraries for Secure Sockets Layer
(SSL).
Procedure
- Create a directory on the Web server host for storing the key ring
file that is referenced by the plug-in and associated files, for example: plugin_install_root/etc/keys.
- From the administrative console, click Servers > Web servers.
- Select the Web server name.
- Click Plug-in properties.
- Click Manage keys and certificates to access configuration
options for your keys and certificates. By default, you can change your password
used to protect the key store.
- Click OK.
- Click the Web server keystores button to copy the key store
and to stash files to a managed web server. For non-managed Web servers,
use FTP to copy them.
- Under Additional Properties, you can also
select one of the following:
- Signer certificates - Use to add new certificates, delete certificates,
extract certificates, and to retrieve certificates from a port.
- Personal certificates - Use to create a new self-signed certificate,
delete a certificate, or to import and export a personal certificate.
- Personal certificate requests - Use to manage personal certificate
requests.
- Custom properties - Use to define custom properties for the
key store.
Results
The IBM HTTP Server plug-in and the internal Web server are configured
for SSL.