Professional Documents
Culture Documents
To setup a new SSL-Connection between a IBM HTTP Server (IHS) and your WebSphere Application Server (6.1) a (self-signed) CA SSL certificate has to be propageted to all involved servers.
When setting up a IHS via the administrative console SSL between IHS and WebSphere AppServer should be enabled by default.
1. First take a look at your plugin-cfg.xml of your IHS installation and search for the entry Property Name="keyring"...
ServerCluster CloneSeparatorChange="false" GetDWLMTable="false" IgnoreAffinityRequests="true" LoadBalance="Round Robin" Name="server1_testNodeoglxanclatest32Bit_Cluster" PostBufferSize="64" PostSizeLimit="-1" RemoveSpecialHeaders="true" RetryInterval="60"
/Transport
/Server
/ServerCluster
This tags defines the location of the Key-Database for the secure connection between your IHS and your AppServer.
2. In administrative console of WebSphere go to Servers > WebServers > "your webserver" > Plugin-in properties
On this page all necessary entries should be done automatically. To re-copy the default plugin-in.key to your IHS press "Copy to Webserver key store directory".
###############################################################
To manually setup SSL between IHS and WebSphere first locate the plugin-key.kdb on your AppServer. Than copy over the plugin-key.kdb to the IHS into the specified location (get location form picture above). Then edit the plugin-cfg.xml of the IHS (see tag from step 1). Then restart your IHS and your WebSphere instance