|
Home > Archive > WebSphere HTTP Server > January 2004 > Force the use of SSL connection
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Force the use of SSL connection
|
|
| Nathan Simpson 2004-01-28, 9:33 am |
| Hi,
We are running iSeries Apache with Websphere Express 5.0 and HATSLE.
We have obtained a Verisign certificate but I want the web server to only
connect using HTTPS.
I have set things up and it kind of works.
If I try to connect to http://ours.com:8080 it won't work but if I try
https://ours.com:9443 it will work. If I then try http://ours.com:8080 again
it will work.
What I want is all connections to require SSL so nothing will go through
unencrypted.
How do I do this? I am somewhat of a beginner.
TIA
Nathan
| |
| Stephan Schwarzer 2004-01-29, 12:33 am |
| Hi Nathan,
quote:
> If I try to connect to http://ours.com:8080 it won't work but if I try
> https://ours.com:9443 it will work. If I then try http://ours.com:8080 again
> it will work.
>
> What I want is all connections to require SSL so nothing will go through
> unencrypted.
Check your httpd.conf file and make sure that your server will not
listen to ports other than 9443.
Another possible solution is to user client certificates for
authentication and add the "SSLClientAuth Required" to your SSL-stanza
in httpd.conf.
Kind regards
Stephan
| |
| Nathan Simpson 2004-01-29, 8:33 am |
| Hi Stephan,
Thanks for the response.
But what about how after I initially connect using HTTPS and then try HTTP
to the same port it still allows me to do it.
ie. If I try to connect to http://ours.com:9443 it won't work. If I then try
to connect to https://ours.com:9443 the connection succeeds. If I then try
again to connect to http://ours.com:9443 the connection works but it gives a
message about "This page containing secure and non-secure items"
Is this normal or am I missing something.
TIA
Nathan
"Stephan Schwarzer" <news@stephan-schwarzer.de> wrote in message
news:bvb0in$7ede$1@news.boulder.ibm.com...quote:
> Hi Nathan,
>
again[QUOTE][color=darkred]
>
> Check your httpd.conf file and make sure that your server will not
> listen to ports other than 9443.
>
> Another possible solution is to user client certificates for
> authentication and add the "SSLClientAuth Required" to your SSL-stanza
> in httpd.conf.
>
> Kind regards
>
> Stephan
>
| |
| Cathie Chang 2004-01-30, 5:33 am |
| Hi,
By default, port 9080 is SSL disabled and port 9443 is SSL enabled in
WebSphere settings. Try change the SSL settings to the port you want to be
SSL secured. To do so by going to the Admin Console, at the HTTP Transport
setting page, change the 9080 port to SSL enabled.
Cathie Chang
SPC Waltham
"Nathan Simpson" <me@me.com> wrote in message
news:bv9dnr$3q5g$1@news.boulder.ibm.com...quote:
> Hi,
>
> We are running iSeries Apache with Websphere Express 5.0 and HATSLE.
>
> We have obtained a Verisign certificate but I want the web server to only
> connect using HTTPS.
>
> I have set things up and it kind of works.
>
> If I try to connect to http://ours.com:8080 it won't work but if I try
> https://ours.com:9443 it will work. If I then try http://ours.com:8080
againquote:
> it will work.
>
> What I want is all connections to require SSL so nothing will go through
> unencrypted.
>
> How do I do this? I am somewhat of a beginner.
>
> TIA
>
> Nathan
>
>
|
|
|
|
|