This topic documents the configuration that is necessary to instantiate a secure connection between the Web server plug-in and the internal HTTP transport in the Web container for the Application Server. By default, this connection is not secure, even when global security is enabled. This document discusses the configuration for the IBM HTTP Server; however, the Web server-related configuration in this situation is not specific to any distributed platform Web server.
Before you begin
WebSphere Application Server has an internal HTTP transport that accepts HTTP requests. If you install an external HTTP server, the Web server plug-in must forward requests from the external HTTP server to Application Server internal HTTP transport. Follow instructions provided by your HTTP vendor to install and configure your HTTP server. Test your HTTP server by accessing http://your-host-URL and https://your-host-URL. You should also have a Web server plug-in installed. For instructions on installing HTTP Server and Web server plug-in, see Installing IBM HTTP Server. The connection between the external HTTP server and WebSphere Application Server is, by default, not secured even when global security is enabled.
Steps for this task
When you install Web server plug-in, a default key ring, plugin-key.kdb, is installed in plugin_install_root/etc. Use this file instead of creating a new one. In the following steps, a new file is created, but the steps are similar if you use an existing file. Create a directory on the Web server host for storing the key ring file that is referenced by the plug-in and associated files (for example, plugin_install_root/etc/keys).
Results
The IBM HTTP Server plug-in and the internal Web server are configured for SSL.