Home
Task overview: Securing IHS
This section lists topic overviews for securing IHS.
The following topics describe specific tasks for you to secure IBM HTTP Server.
- Configure SSL between the IHS Administration Server and the deployment manager
- Securing with SSL communications. For secure communication, you can set up the SSL directives in the default httpd.conf configuration file.
- Setting advanced SSL options. More advanced SSL options to secure your IHS are also available. Advanced SSL options include: setting the level and type of client authentication, setting cipher specifications, defining SSL for multiple-IP virtual hosts, and configuring reverse proxy setup with SSL.
- Managing keys with the ikeyman graphical interface (Distributed systems).
You can set up the Key Management utility (ikeyman) with IHS to create key databases, public and private key pairs and certificate requests. Use the ikeyman graphical user interface rather than using the command line interface.
- Managing keys with the gsk7cmd command line interface (Distributed systems).
You can use IKEYCMD, which is the Java™ command line interface to ikeyman. Use the command line only if we are unable to implement the graphical user interface.
- z/OS: Managing keys with the native key database gskkyman (z/OS systems)
You can use the native z/OS key management (gskkyman key database) with IBM HTTP Server to create key databases, public and private key pairs and certificate requests.
- Getting started with the cryptographic hardware for SSL (Distributed systems). You can use cryptographic hardware for SSL. The IBM 4758 requires the PKCS11 software for the host machine and internal firmware.
- Authenticate with LDAP on IHS using mod_ibm_ldap (Distributed systems).
You can configure LDAP to protect files on IHS.
- z/OS: Authenticate with LDAP on IHS using mod_ldap
You can configure LDAP to protect files on IHS.
- z/OS: Authenticate with SAF on IHS (z/OS systems).
You can provide IHS with user authentication using the System Authorization Facility security product.
Your IBM HTTP Server is secured.
Subtopics
Configure SSL between the IHS Administration Server and the deployment manager
Securing with SSL communications
Managing keys with the ikeyman graphical interface (Distributed systems)
Managing keys with the gsk7cmd command line interface (Distributed systems)
z/OS: Managing keys with the native key database gskkyman (z/OS systems)
Getting started with the cryptographic hardware for SSL (Distributed systems)
Authenticate with LDAP on IHS using mod_ibm_ldap (Distributed systems)