Complete the following tasks to implement security before,
during, and after installing WebSphere® Application Server.
Procedure
Secure your environment before installation. This step describes how to perform WebSphere Application Server installation with proper
authority on different platforms. For more information, refer to Securing your environment before installation.
Prepare the operating system for installation
of WebSphere Application Server. This
step describes how to prepare the different operating systems for
installation of WebSphere Application Server.
For more information, see "Preparing the operating system for product
installation" .
Install WebSphere Application Server. This
step describes how to install WebSphere Application Server on the z/OS® platform.
For more information, see "Installing the product and additional
software" .
- Migrate security configurations from previous releases
during installation, when you are prompted to do so. This
step describes how to migrate security configurations from a previous
release of WebSphere Application Server to WebSphere Application Server Version 8.5.
For
more information, see "Migrating product configurations" in the InfoCenter.
Optional: You can create a
profile during install time. If you elect to do so, administrative
security is enabled for that profile by default. A panel is displayed
during profile creation time and enabling administrative security is
selected by default. If you elect to keep this as the default, you
must supply an administrative user ID and password. This user ID is
created in a federated repository, which is the default user registry when enabling
administrative security at profile creation time.
- If you go into the advanced profile creation, a panel is
available for changing the default settings for your certificate,
a root certificate (used to sign your personal certificate) and
a personal certificate (used to sign/encrypt data over the network).
Ensure that the root certificate has a long lifetime and the personal
certificate a shorter one. Import your own personal certificate and
or root certificate. If your personal certificate is signed by the
certificate authority (CA), it is not important to change your root
certificate. You should also change the default keystore password
to something more secure.
Optional: During customization
of a stand-alone application server or WebSphere Application Server, Network Deployment cell, you can
enable administrative security by using either a z/OS security
product or WebSphere Application Server to
manage users, groups, and the security policy.
- Secure your environment after installation. This
step provides information on how to protect password information after
you install WebSphere Application Server.
For more information, see Securing your environment after installation.
For information about enabling security
after customization is complete, see Enabling security.