+

Search Tips   |   Advanced Search

Secure communications using SSL


Configuring portal for SSL encrypts all traffic between the client browser and the server, so that no one can "eavesdrop" on information exchanged over the network. The LTPA Token and other security and session information can be protected against hijack and replay attacks.

Configure the following components:

In general, the web server must be configured to accept inbound SSL traffic. The WAS plug-in for the web server must be configured to forward traffic on that port to WAS and WebSphere Portal. Then, configure the virtual host information. Finally, WebSphere Portal must be configured to generate self-referencing URLs using SSL as the transport.

This procedure might be slightly different if a front-end security proxy server such as Tivoli Access Manager WebSEAL is used. In that case, the front-end security server handles the client SSL connections. The web server receives connections from the front-end security proxy server. Mutually authenticated SSL can be configured in the web server and the front-end security proxy server if needed. It is highly dependent on the security requirements of each deployment.


Parent: Security and authentication considerations
Related: Authentication
Federal Information Processing Standards
Plan for single sign-on
Credential Vault
Caching considerations
WAS Security Guide: Chapter 5


Last update: April 30, 2014