Home
Configure IBM HTTP Server for SSL
Overview
To support SSL, we...
- Add WebSphere Application Server's SSL certificate to IBM HTTP Server's trust store
- Configure IBM HTTP Server for SSL traffic
If you have installed a network deployment of Lotus Connections, extract the certificates for each federated profile.
The plugin-key.kdb file of each federated profile can be shared between two HTTP servers, thus providing failover capability.
Configure IBM HTTP Server for SSL
- Start IBM HTTP Server
- From the WAS admin console for the dmgr, select...
Servers | Web servers | web_server | Configuration | config_file | Edit
- Add the following text to the foot of the existing content in the configuration file:
LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
<IfModule mod_ibm_ssl.c> Listen 0.0.0.0:443 <VirtualHost *:443> ServerName server_name #DocumentRoot C:\IBM\HTTPServer\htdocs SSLEnable </VirtualHost> </IfModule> SSLDisable Keyfile "<path_to_key_file>" SSLStashFile "<path_to_stash_file>"where server_name is the name of the Web server, <path_to_key_file> is the path to the KDB file, and <path_to_stash_file> is the path to the associated stash file. For example:
- AIX
- Keyfile: /usr/IBM/HTTPServer/Plugins/config/webserver1/plugin-key.kdb
- SSLStashFile: /usr/IBM/HTTPServer/Plugins/config/webserver1/plugin-key.sth
- Linux
- Keyfile: /opt/IBM/HTTPServer/Plugins/Plugins/config/webserver1/plugin-key.kdb
- SSLStashFile: /opt/IBM/HTTPServer/Plugins/config/webserver1/plugin-key.sth
- Microsoft Windows
- Keyfile: C:\IBM\HTTPServer\Plugins\config\webserver1\plugin-key.kdb
- SSLStashFile: C:\IBM\HTTPServer\Plugins\config\webserver1\plugin-key.sth
- Click Apply to save your changes and then click OK.
- Restart IBM HTTP Server to apply the changes.
- Test the new configuration: Open a Web browser and ensure that you can successfully reach https://<Web_server_name>.
Results
Lotus Connections users can access features through the HTTPS protocol.
Related tasks
Configure IBM HTTP ServerPrevious topic:
Define IBM HTTP ServerNext topic:
Add certificates to IBM HTTP Server
Add certificates to a network deployment with IBM HTTP Server
Map features to IBM HTTP Server
Forcing traffic to be sent over SSL
Configure Lotus Connections
Troubleshooting