The IBM HTTP Server enables nCipher and Rainbow accelerator devices
by default. To disable your accelerator device, add the SSLAcceleratorDisable directive
to your configuration file.
Antes de Começar
When using the IBM e-business Cryptographic Accelerator, or the
IBM 4758, the user ID under which the Web server runs must be a member of
the PKCS11 group. You can create the PKCS11 group by installing the bos.pkcs11 package
or its updates. Change the Group directive in the configuration file
to group pkcs11.
Sobre Esta Tarefa
If you want the IBM HTTP Server to use the PKCS11 interface, configure
the following:
Procedimento
- Stash your password to the PKCS11 device, or optionally enable
password prompting: Syntax: sslstash [-c] <file> <function> <password> where:
- -c: Creates a new stash file. If not specified, an existing stash file
is updated.
- file: Represents a fully-qualified name of the file to create or update.
- function: Represents the function for which the server uses the password.
Valid values include crl or crypto.
- password: Indicates the password to stash.
- Place the following directives in your configuration file: