You can create a DMZ Secure Proxy Server for IBM® WebSphere® Application Server inside
of a WebSphere Application Server, Network Deployment cell
using the administrative console of an administrative agent. You can
then export the secure proxy server to a node in the demilitarized
zone (DMZ) into which you can then import the configuration. After
the secure proxy server is created on a node in the DMZ, administration
can be done locally or it can be done using the job manager console.
About this task
The DMZ Secure Proxy Server for IBM WebSphere Application Server does
not contain a web container and therefore does not have an administrative
console. Secure proxy server configurations can also be managed within
a WebSphere Application Server, Network Deployment application
server cell and then imported locally into the DMZ Secure Proxy Server for IBM WebSphere Application Server using
wsadmin commands. The configurations are created and maintained inside
the WebSphere Application Server, Network Deployment application
server cell as configuration-only profiles. The profiles are registered
with the administrative agent and are then managed using the administrative
console. You configure the secure proxy server profile in the WebSphere Application Server, Network Deployment application
server cell, export the configuration to a configuration archive (CAR)
file using the exportProxyProfile or exportProxyServer wsadmin
command, transmit the CAR file to the local secure proxy server installation
using FTP, and import the configuration into the DMZ Secure Proxy Server for IBM WebSphere Application Server using
the importProxyProfile or importProxyServer wsadmin
command. You then repeat the process if any changes are made to the
secure proxy server configuration.
Procedure
- Start an administrative agent on a network-deployment installation.
- Register the secure proxy (configuration-only) profile
with the administrative agent using the registerNode command.
- Restart the administrative agent.
- When the administrative agent prompts you with a list of
the nodes that it manges, select the node from the secure proxy (configuration-only)
profile.
- From the administrative console of the administrative agent,
select .
- Click New to access the Proxy Server
Creation wizard.
- Select the DMZ Secure Proxy Server for IBM WebSphere Application Server node.
- Complete the steps in the wizard to create a new secure
proxy server.
This new secure proxy server is only used
as a configuration. It cannot be started inside of the cell.
- Set the sipClusterCellName custom
property to be the cell name that contains the configured cluster
of SIP containers. This step applies to the SIP proxy only,
and not HTTP. For more information about how to set this custom property,
see the topic entitled SIP proxy server custom properties.
- Save the configuration.
- Using the wsadmin tool, connect to the secure proxy server
profile.
- Export your configuration to be used inside of the DMZ;
you can export the entire profile or export the server.
- Using FTP, transfer the configuration archive to the local
secure proxy server node.
- Start the wsadmin tool on the secure proxy server profile.
- Import the entire profile, or import the server.
- Use the importProxyProfile command to import
the profile. For example:
AdminTask.importProxyProfile(['-archive', '/myCell.car'])
- Use the importProxyServer command to import
the server. For example:
AdminTask.importProxyServer('[-archive /myServer.ear -nodeInArchive node1 -serverInArchive proxy1]')
- Save the configuration changes.
Use the following command example to save your configuration
changes:
AdminConfig.save()
Results
Successful completion of this procedure results in deployment
of the DMZ Secure Proxy Server for IBM WebSphere Application Server on
a node in the DMZ.
What to do next
You can now start and begin to use your DMZ Secure Proxy
Server.