This section provides information to help you get started with secure connections on the Web server. Obtaining certificates is the first step in securing your Web server.
When you set up secure connections, associate your public key with a digitally-signed certificate from a certificate authority (CA) that is designated as a trusted CA on your server.
- Buy a certificate from an external certificate authority provider.
You can buy a signed certificate by submitting a certificate request to a CA provider. The IHS supports several external certificate authorities. By default, many CAs exist as trusted CAs on the IHS. See List of trusted certificate authorities on the IHS.Use the key management utility to create a new key pair and certificate request to send to an external CA, then define SSL settings in the httpd.conf file.
- ikeyman graphical user interface. If we are unable to use the ikeyman interface, use the command line interface gsk7cmd command.
- z/OS: Native z/OS key management (gskkyman key database).
- Create a self-signed certificate. Use the key management utility or purchase certificate authority software from a CA provider.
List of trusted certificate authorities on the IHS
SSL environment variables
Managing keys with the gsk7cmd command line interface (Distributed systems)
Managing keys with the ikeyman graphical interface (Distributed systems)
z/OS: Managing keys with the native key database gskkyman (z/OS systems)