[AIX Solaris HP-UX Linux Windows][IBM i]

DMZ Secure Proxy Server 安装信息

安装需求、示例及有关安装和卸载 DMZ Secure Proxy Server for IBM® WebSphere® Application Server 的其他信息。DMZ Secure Proxy Server for IBM WebSphere Application Server提供了高性能的逆向代理功能,可以在网络边界使用该功能进行路由、实现负载均衡以及缩短向 Web 资源发出的请求的响应时间。

关于 DMZ Secure Proxy Server

DMZ Secure Proxy Server for IBM WebSphere Application Server允许在非保护区 (DMZ) 中安装代理服务器,同时降低了您选择在 DMZ 中安装应用程序服务器以主管代理服务器时面临的安全风险。降低了风险的原因是,从应用程序服务器中除去了所有并非主管代理服务器所必需但有可能引起安全风险的功能。

在安装 DMZ Secure Proxy Server 之前,请规划拓扑并确定每个组件的安装位置。DMZ Secure Proxy Server 通常与 WebSphere Application Server 安装在不同机器上。有关规划管理拓扑的信息,请参阅计划安装 WebSphere Application Server

要求

除下列要求以外,您的系统可能还要求满足其他先决条件才能安装 WebSphere Application Server 产品。有关更多信息,请参阅为产品安装准备操作系统

  • 对于转换用户 对于转换用户: IBM SDK Java™ Technology Edition 不再嵌套在 DMZ Secure Proxy Server for WebSphere Application Server 中。Java SDK 作为单独产品提供,在安装 DMZ Secure Proxy Server 时必须安装此 SDK。IBM SDK Java Technology Edition V8 是 WebSphere Application Server V9.0 的 Java SDK 版本。trns
  • DMZ Secure Proxy Server 最多需要 350 MB 的磁盘空间。

存储库和产品标识

要从在线服务存储库安装 DMZ Secure Proxy Server,请将以下存储库 URL 与 Installation Manager 配合使用:
http://www.ibm.com/software/repositorymanager/com.ibm.websphere.NDDMZ.v90
使用命令行或响应文件来安装、卸载或以其他方式修改 DMZ Secure Proxy Server 时,请指定主产品标识。您还可以逗号分隔列表形式添加要安装的可选功能部件。
表 1. 供应项目和可选功能部件标识
产品标识 可选功能部件标识 缺省功能部件
DMZ Secure Proxy Server for IBM WebSphere Application Server
com.ibm.websphere.NDDMZ.v90
  • core.feature: DMZ Secure Proxy Server for IBM WebSphere Application Server
    必须指定此功能部件才能指定以下可选子功能部件:
    • thinclient:独立瘦客户机和资源适配器
无缺省功能部件

要获取产品存储库和产品标识的完整列表,请参阅WebSphere Application Server 产品的在线产品存储库用于受支持操作系统的 WebSphere Application Server 产品供应项目

安装示例

所有 WebSphere Application Server 产品均使用 IBM Installation Manager 进行安装。有关安装产品供应项目的逐步指示信息,请参阅安装产品

[AIX Solaris HP-UX Linux Windows]要点: 因为 IBM SDK Java Technology Edition 不再嵌入在产品中,所以您必须同时指定 DMZ Secure Proxy Server 供应项目标识 (com.ibm.websphere.NDDMZ.v90) 和 IBM Java SDK 供应项目标识 (com.ibm.java.jdk.v8)。如果没有 Java SDK,将无法安装 DMZ Secure Proxy Server
命令行示例

有关使用命令行进行安装的逐步指示信息,请参阅使用命令行安装产品

[Windows]
imcl.exe install com.ibm.websphere.NDDMZ.v90 com.ibm.java.jdk.v8
  -repositories http://www.ibm.com/software/repositorymanager/com.ibm.websphere.NDDMZ.v90 
  -installationDirectory "C:\Program Files\IBM\WebSphere\AppServer"
  -sharedResourcesDirectory "C:\Program Files\IBM\IMShared"
  -preferences com.ibm.cic.common.core.preferences.keepFetchedFiles=false,com.ibm.cic.common.core.preferences.preserveDownloadedArtifacts=false
  -secureStorageFile C:\IM\credential.store -masterPasswordFile C:\IM\master_password.txt
  -log installv9dmz.xml
  -acceptLicense
  -showProgress
[Linux]
./imcl install com.ibm.websphere.NDDMZ.v90 com.ibm.java.jdk.v8
  -repositories http://www.ibm.com/software/repositorymanager/com.ibm.websphere.NDDMZ.v90 
  -installationDirectory /opt/IBM/WebSphere/AppServer
  -sharedResourcesDirectory /opt/IBM/IMShared
  -preferences com.ibm.cic.common.core.preferences.keepFetchedFiles=false,com.ibm.cic.common.core.preferences.preserveDownloadedArtifacts=false
  -secureStorageFile /var/IM/credential.store -masterPasswordFile /var/IM/master_password.txt
  -log installv9dmz.xml
  -acceptLicense
  -showProgress
[IBM i]
./imcl install com.ibm.websphere.NDDMZ.v90
  -repositories https://downloads.mycorp.com:8080/WAS_90_repository
  -installationDirectory /QIBM/ProdData/WebSphere/AppServer/V9/NDDMZ
  -properties was.install.os400.profile.location=/QIBM/UserData/WebSphere/AppServer/V9/NDDMZ
  -sharedResourcesDirectory /QIBM/UserData/InstallationManager/IMShared
  -secureStorageFile $HOME/WASFiles/temp/credential.store
  -acceptLicense
  -showProgress
响应文件示例

有关使用响应文件进行安装的逐步指示信息,请参阅使用响应文件安装产品

[Windows]
<?xml version="1.0" encoding="UTF-8"?>
<agent-input clean="true" temporary="true">
<server>
<repository location="http://www.ibm.com/software/repositorymanager/com.ibm.websphere.NDDMZ.v90" />
</server>
<install modify='false'>
<offering id='com.ibm.websphere.NDDMZ.v90' 
  profile='DMZ Secure Proxy Server for IBM WebSphere Application Server V9.0' 
  features='core.feature,thinclient' installFixes='none'/>
<offering id='com.ibm.java.jdk.v8'
  profile='DMZ Secure Proxy Server for IBM WebSphere Application Server V9.0'
  features='com.ibm.sdk.8'/>
</install>
<profile id='DMZ Secure Proxy Server for IBM WebSphere Application Server V9.0' 
  installLocation='C:\Program Files\IBM\WebSphere\AppServer'>
<data key='eclipseLocation' value='C:\Program Files\IBM\WebSphere\AppServer'/>
<data key='user.import.profile' value='false'/>
<data key='cic.selector.nl' value='en'/>
</profile>
</agent-input>
[IBM i]
<?xml version="1.0" encoding="UTF-8"?>
<agent-input>
<server>
  <repository location='http://www.ibm.com/software/repositorymanager/com.ibm.websphere.NDDMZ.v90'/>
</server>
<profile id='DMZ Secure Proxy Server for IBM WebSphere Application Server V9.0' installLocation='/QIBM/ProdData/WebSphere/AppServer/V9/NDDMZ'>
  <data key='eclipseLocation' value='/QIBM/ProdData/WebSphere/AppServer/V9/NDDMZ'/>
  <data key='was.install.os400.profile.location' value='/QIBM/UserData/WebSphere/AppServer/V9/NDDMZ'/>
  <data key='user.import.profile' value='false'/>
  <data key='cic.selector.nl' value='en'/>
</profile>
<install modify='false'>
  <offering profile='DMZ Secure Proxy Server for IBM WebSphere Application Server V9.0' features='core.feature,thinclient' id='com.ibm.websphere.NDDMZ.v90'/>
</install>
<preference name='com.ibm.cic.common.core.preferences.eclipseCache' value='/QIBM/UserData/InstallationManager/IMShared'/>
<preference name='com.ibm.cic.common.core.preferences.connectTimeout' value='30'/>
<preference name='com.ibm.cic.common.core.preferences.readTimeout' value='30'/>
<preference name='com.ibm.cic.common.core.preferences.downloadAutoRetryCount' value='0'/>
<preference name='offering.service.repositories.areUsed' value='true'/>
<preference name='com.ibm.cic.common.core.preferences.ssl.nonsecureMode' value='false'/>
<preference name='com.ibm.cic.common.core.preferences.http.disablePreemptiveAuthentication' value='false'/>
<preference name='http.ntlm.auth.kind' value='NTLM'/>
<preference name='http.ntlm.auth.enableIntegrated.win32' value='true'/>
<preference name='com.ibm.cic.common.core.preferences.preserveDownloadedArtifacts' value='true'/>
<preference name='com.ibm.cic.common.core.preferences.keepFetchedFiles' value='false'/>
<preference name='PassportAdvantageIsEnabled' value='false'/>
<preference name='com.ibm.cic.common.core.preferences.searchForUpdates' value='false'/>
</agent-input>

使用说明

versionInfohistoryInfo 命令根据系统上执行的所有安装、卸载、更新和回滚活动返回 DMZ Secure Proxy Server 的版本和历史记录信息。

安装 DMZ Secure Proxy Server 后,可以使用 manageprofiles 命令创建概要文件。在 AIX、Linux 和 Windows 上,您也可以使用 Profile Management Tool。

以下示例显示用于创建安全代理服务器概要文件的 manageprofiles 命令。该示例基于以下假设:
  • 要启用安全性。
  • 系统主机名是 myhost.abc.com
  • DMZ Secure Proxy Server 安装在缺省位置。
  • 管理用户名是 wasadmin
  • 密码是 password
[Windows]
manageprofiles -create
  -portsFile "C:\Program Files\IBM\WebSphere\AppServer_1\profileTemplates\secureproxy\actions\portsUpdate\portdef.props"
  -serverName proxy1
  -nodeName myhost
  -hostName myhost.abc.com
  -cellName myhost 
  -adminUserName wasadmin
  -adminPassword password
  -templatePath "C:\Program Files\IBM\WebSphere\AppServer_1\profileTemplates\secureproxy"
  -enableAdminSecurity true
  -profileName SecureProxySrv01
[IBM i]
manageprofiles -create
  -portsFile /QIBM/ProdData/WebSphere/AppServer/V9/NDDMZ/profileTemplates/secureproxy/actions/portsUpdate/portdef.props
  -serverName proxy1
  -nodeName myhost
  -hostName myhost.abc.com
  -cellName myhost 
  -adminUserName wasadmin
  -adminPassword password
  -templatePath /QIBM/ProdData/WebSphere/AppServer/V9/NDDMZ/profileTemplates/secureproxy
  -enableAdminSecurity true
  -profileName SecureProxySrv01

卸载示例

所有 WebSphere Application Server 产品均使用 IBM Installation Manager 进行卸载。有关卸载产品供应项目的逐步指示信息,请参阅卸载产品

避免故障 避免故障: 卸载产品的同时,必须卸载 IBM SDK Java Technology Edition (com.ibm.java.jdk.v8)。gotcha
命令行示例

有关使用命令行进行卸载的逐步指示信息,请参阅使用命令行卸载产品

[Windows]
imcl.exe uninstall com.ibm.websphere.NDDMZ.v90 com.ibm.java.jdk.v8
  -installationDirectory "C:\Program Files\IBM\WebSphere\AppServer"
[HP-UX][Linux][Solaris]
./imcl uninstall com.ibm.websphere.NDDMZ.v90 com.ibm.java.jdk.v8
  -installationDirectory /opt/IBM/WebSphere/AppServer
[IBM i]
./imcl uninstall com.ibm.websphere.NDDMZ.v90
  -installationDirectory /QIBM/ProdData/WebSphere/AppServer/V9/NDDMZ
响应文件示例

有关使用响应文件进行卸载的逐步指示信息,请参阅使用响应文件卸载产品

[Windows]
<?xml version="1.0" encoding="UTF-8"?>
<agent-input clean='true' temporary='true'>
<uninstall modify='false'>
<offering id='com.ibm.websphere.NDDMZ.v90' 
  profile='DMZ Secure Proxy Server for IBM WebSphere Application Server V9.0'/>
<offering id='com.ibm.java.jdk.v8' 
  profile='DMZ Secure Proxy Server for IBM WebSphere Application Server V9.0' />
</uninstall>
<profile id='DMZ Secure Proxy Server for IBM WebSphere Application Server V9.0' 
  installLocation='C:\Program Files\IBM\WebSphere\AppServer'>
<data key='eclipseLocation' value='C:\Program Files\IBM\WebSphere\AppServer'/>
<data key='user.import.profile' value='false'/>
<data key='cic.selector.nl' value='en'/>
</profile>
</agent-input>
[IBM i]
<?xml version="1.0" encoding="UTF-8"?>
<agent-input clean='true' temporary='true'>
<uninstall modify='false'>
<offering id='com.ibm.websphere.NDDMZ.v90' 
  profile='DMZ Secure Proxy Server for IBM WebSphere Application Server V9.0'/>
</uninstall>
<profile id='DMZ Secure Proxy Server for IBM WebSphere Application Server V9.0' 
  installLocation='/QIBM/ProdData/WebSphere/AppServer/V9/NDDMZ'>
  <data key='eclipseLocation' value='/QIBM/ProdData/WebSphere/AppServer/V9/NDDMZ'/>
  <data key='was.install.os400.profile.location' value='/QIBM/UserData/WebSphere/AppServer/V9/NDDMZ'/>
  <data key='user.import.profile' value='false'/>
  <data key='cic.selector.nl' value='en'/>
</profile>
</profile>
</agent-input>

指示主题类型的图标 参考主题



时间戳记图标 最近一次更新时间: last_date
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-dist&topic=rins_dmz_info
文件名:rins_dmz_info.html