Professional Documents
Culture Documents
WebSphere Application Server V8.5 configures and manages many of the SSL configurations
that are required to secure communication within a cell. Configures IBM HTTP Server for
inbound SSL. iKeyman is used to generate a new keystore and self-signed certificate. IBM HTTP
Server is then configured to support HTTPS communications by using the newly created
certificate.
Create a profile
To better understand the various pieces of SSL within the WebSphere Application Server
environment, a new custom profile is created.
__ 1. Restart the deployment manager.
__ a. From a terminal window, in the bin directory for the deployment manager, enter
the following command:
./startManager.sh
__ 2. Create a custom profile named SSL and federate it to the deployment manager.
__ a. Start the Profile management tool by issuing the following command in a terminal
window:
/opt/IBM/WebSphere/AppServer/bin/ProfileManagement/pmt.sh
__ b. The WebSphere Customization Toolbox window starts. Click Create on the right
to create a profile.
__ c. Select the Custom profile option and click Next.
__ d. On the Profile Creation Options page, select Advanced profile creation and
click Next.
__ e. For the profile name and location, enter the following information:
- Profile name: SSL
- Profile directory: /opt/IBM/WebSphere/AppServer/profiles/SSL
Click Next.
f. On the Node and Host Names page, enter the following values:
- Node name: was85hostNode03
- Host name: was85host
Click Next.
g. On the Federation page, enter was85host for the deployment manager host
name. The default SOAP port (8879) is shown. Enter wasadmin for the security
User name and web1sphere for the Password. Be sure that the Federate this
node later option is not selected. The node is automatically federated to the cell
during creation.
h. Click Next.
__ i. On the next page, accept the defaults for creating the default personal certificate
and a new root signing certificate. Click Next.
j. On the next screen, which specifies the node certificate information, accept the
defaults and click Next. Make sure that you read the information block as it
explains the importance of these entries and how they relate to SSL.