WAS v8.5 > Secure applications > Set up security

Prepare for security at installation time

Complete the following tasks to implement security before, during, and after installing WebSphere Application Server.

1. Secure the environment before installation. This step describes how to perform WAS installation with proper authority on different platforms. For more information refer to Secure the environment before installation.

2. Prepare the operating system for installation of WAS. This step describes how to prepare the different operating systems for installation of WAS. For more information, see "Preparing the operating system for product installation" n the InfoCenter.
3. Migrate security configurations from previous releases during installation, when we are prompted to do so. This step describes how to migrate security configurations from a previous release of WAS to WAS v8.5.

   For more information, see "Migrating product configurations" in the InfoCenter.

4. Optional: We can create a profile during install time. If you elect to do so, administrative security is enabled for that profile "out of the box" by default. A panel is displayed during profile creation time and enabling administrative security is selected by default. If you elect to keep this as the default, supply an administrative user ID and password. This user ID is created in a federated repository, which is the default user registry when enabling administrative security at profile creation time.

5. If you go into the advanced profile creation, a panel is available for changing the default settings for the certificate, a root certificate (used to sign your personal certificate) and a personal certificate (used to sign/encrypt data over the network). Ensure the root certificate has a long lifetime and the personal certificate a shorter one. Import our own personal certificate and or root certificate. If your personal certificate is signed by the certificate authority (CA), it is not important to change your root certificate. You should also change the default keystore password to something more secure.
6. Secure the environment after installation. This step provides information on how to protect password information after you install WAS. For more information, see Secure the environment after installation.

Subtopics

• Secure the environment before installation
  The following instructions explain how to perform a product installation with proper authority.
• Secure the environment after installation
  WAS depends on several configuration files created during installation. These files contain password information and need protection. Although the files are protected to a limited degree during installation, this basic level of protection is probably not sufficient for the site. You should verify these files are protected in compliance with the policies of your site.
• Secure the environment before installation
  The following instructions explain how to perform a product installation with proper authority.
• Secure the environment after installation
  WAS depends on several configuration files created during installation. These files contain password information and need protection. Although the files are protected to a limited degree during installation, this basic level of protection is probably not sufficient for the site. You should verify these files are protected in compliance with the policies of your site.

+

Search Tips   |   Advanced Search