Home
Forcing Files and Wikis authenticated API traffic to be sent over HTTPS
The Files and Wikis APIs use J2EE declarative security, which does not support the redirection of basic authentication requests to HTTPS before requesting authentication credentials. You must take some steps to prevent credentials from being sent unencrypted in response to authentication challenges.
Configure Lotus Connections to force all feature traffic to be sent over SSL. See Forcing traffic to be sent over SSL for more details.
Configure the IBM HTTP Server to redirect API requests that are sent over HTTP to be sent over HTTPS.
To force API requests to be sent over HTTPS...
- Using a text editor, open the httpd.conf file. The file is stored in the following by default:
- AIX: /usr/IBM/HTTPServer/conf
- Linux: /opt/IBM/HTTPServer/conf
- Microsoft Windows: C:\IBM\HTTPServer\conf
- Add the following statement to the file:
Redirect /files/basic/api https://<servername>:<port>/files/basic/api Redirect /wikis/basic/api https://<servername>:<port>/wikis/basic/api
- Save and close the configuration file.
- Restart IBM HTTP Server.
Forcing traffic to be sent over SSL
Related tasks
Forcing traffic to be sent over SSL