WebSphere Application Server - SSL setup on the application server

Author

SSL setup on the application server

2006-12-18, 7:23 pm

Hi All,

I have setup my IIHS to accept SSL (https) connections from the web browser successfully. However, when my web server (IIHS) sends requests to the Websphere app server (6.0) the requests are not accepted. I need to setup SSL on the app server side, I have
2 questions on this:

1) Do I need to enable global security for SSL to work?
2) When setting up the SSL on the adminitrative console (security->SSL) does the KEY file have to be the same key file used on the IIHS setup or can it be a different key file. THe reason I ask this is that the key file I use to setup IIHS is a .kdb exten
sion but in WAS 6.0 it's looking for a .jks extention instead?

Thanks

Paul Ilechko

2006-12-18, 7:23 pm

ecurovic@gmail.com wrote:
> Hi All,
>
> I have setup my IIHS to accept SSL (https) connections from the web
> browser successfully. However, when my web server (IIHS) sends
> requests to the Websphere app server (6.0) the requests are not
> accepted. I need to setup SSL on the app server side, I have 2
> questions on this:
>
> 1) Do I need to enable global security for SSL to work?

No. But you should, anyway, otherwise you do not have a secure WAS
environment.

> 2) When setting up the SSL on the adminitrative console
> (security->SSL) does the KEY file have to be the same key file used
> on the IIHS setup or can it be a different key file. THe reason I ask
> this is that the key file I use to setup IIHS is a .kdb extension but
> in WAS 6.0 it's looking for a .jks extention instead?

Well, are you trying to do server authentication or mutual
authentication between the web server and WAS ? For server auth you need
to export the signer certificate from the WAS key file and import it
into the KDB file of the web server. For mutual auth you also need to
import the web server's signer cert into the WAS truststore.

See SSL summary for WAS here:

http://www-128.ibm.com/developerwor...12_botzum1.html