Cryptographic hardware for SSL acceleration

If the portal environment makes extensive use of SSL, you might choose to use cryptographic hardware to offload encryption and improve performance. WebSphere Portal tolerates interfacing through WAS with cryptographic hardware for SSL acceleration. However, the tasks involved in setting up and configuring cryptographic hardware are generally specific to Web servers or WAS and do not necessarily involve configuring WebSphere Portal.

The WAS Information Center contains several topics for setting up and configuring password encryption with cryptographic hardware. Refer to these topics to get started with password encryption and learn more about available encryption features.

Most cryptographic hardware requires the PKCS11 support software for the host machine and internal firmware. To get started with cryptographic hardware, you should install the required support software, configure IBMHTTP Server, then install the necessary devices. Refer to Get started with the cryptographic hardware for SSL at:

You can create a plug point to encrypt and decrypt all passwords in WAS that are currently encoded or decoded using Base64-encoding. Refer to Plug point for custom password encryption at:

Create a custom class to encrypt passwords after you create server profile. Refer to Enable custom password encryption at:

In stand-alone environments, administrative functions such as installing WAR files or adding trace settings can fail when you meet both of the following conditions:

If stand-alone environment meets both of the preceding conditions, do the following:

  1. Log in to the WAS administrative console.

  2. Navigate to Security -> Global Security -> Administrative security -> Administrative authentication

  3. Select Only use the active application authentication mechanism.

  4. Click Apply then OK and save the changes to the master configuration.

  5. Log out of the administrative console.

  6. Restart WebSphere Portal.


Parent

Configure SSL


Previous

Set up Client Certificate Authentication

 


+

Search Tips   |   Advanced Search