Getting started with the cryptographic hardware for SSL (Distributed systems)

Cryptographic devices require the PKCS11 support software for the host machine and internal firmware. For more information, contact the vendor of the device.

• Cryptographic hardware for Secure Sockets Layer
  IBM HTTP Server supports many types of cryptographic hardware devices.

• Use IKEYMAN to store keys on a PKCS11 device
  For IBM HTTP Server, we can use IKEYMAN for storing keys on a PKCS11 device.

• Configure IBM HTTP Server to use nCipher and Rainbow accelerator devices and PKCS11 devices
  The IBM HTTP Server enables nCipher and Rainbow accelerator devices by default. To disable your accelerator device, add the SSLAcceleratorDisable directive to your configuration file.

Related concepts

• IBM HTTP Server certificate management

Related tasks

• Secure IBM HTTP Server

• Configure SSL between the IBM HTTP Server Administration Server and the deployment manager

• Secure with SSL communications

• Set advanced SSL options

• Manage keys with the IKEYMAN graphical interface (Distributed systems)

• Manage keys from the command line (Distributed systems)

• Manage keys with the native key database gskkyman (z/OS systems)

• Authenticating with LDAP on IBM HTTP Server using mod_ldap

• Authenticating with SAF on IBM HTTP Server (z/OS systems)