| Author |
Problem with SSL configuration on WAS 6
|
|
|
| Hi there,
i have installed websphere http server 6, application server 6 and plugins.
Now i was trying to configure ssl on the WAS admin console.
My first step was to enable ssl the following way:
Server->WebServer->Configuration-> enable the checkbox "use secure protocol".
After that I generate and propagate the plugin and did a restart of the app- and web-server.
Urls that are working:
1.) http://my-domain.com
2.) http://my-domain.com/snoop
3.) https://9.155.32.178:9443/snoop
Urls that are not working:
4.) https://my-domain.com (The page cannot be displayed)
5.) https://my-domain.com/snoop (The page cannot be displayed)
Why does the 4. and 5. URL not work?
What else do I have to configure?
| |
| Ken Hygh 2006-04-28, 7:20 am |
| jbogner@de.ibm.com wrote:
> Hi there,
>
> i have installed websphere http server 6, application server 6 and plugins.
> Now i was trying to configure ssl on the WAS admin console.
>
> My first step was to enable ssl the following way:
> Server->WebServer->Configuration-> enable the checkbox "use secure protocol".
>
> After that I generate and propagate the plugin and did a restart of the app- and web-server.
>
> Urls that are working:
> 1.) http://my-domain.com
> 2.) http://my-domain.com/snoop
> 3.) https://9.155.32.178:9443/snoop
>
> Urls that are not working:
> 4.) https://my-domain.com (The page cannot be displayed)
> 5.) https://my-domain.com/snoop (The page cannot be displayed)
>
> Why does the 4. and 5. URL not work?
> What else do I have to configure?
>
Is your WAS virtual host set to handle port 443? Both the failing URLs
are using that port.
Ken
| |
|
| hi ken,
yes it is. i configured it the following way:
environment->virtuel host->default_host->host alias->New
Hostname: *
Port: 443
I am still trying to get this ssl thing to work but without success. 
I dont understand why the url https://my-domain:9443/snoop only works when i typ in the port 9443 instead of https://my-domain/snoop without the port thing.???
| |
| Ian Burnett 2006-04-28, 7:20 am |
| jbogner@de.ibm.com wrote:
> hi ken,
>
> yes it is. i configured it the following way:
> environment->virtuel host->default_host->host alias->New
> Hostname: *
> Port: 443
>
> I am still trying to get this ssl thing to work but without success.
>
> I dont understand why the url https://my-domain:9443/snoop only works when i typ in the port 9443 instead of https://my-domain/snoop without the port thing.???
>
The former goes directly to port 9443 which is listened to by the
WebSphere server. The latter goes to port 443 on the http server which
then drags the content from WAS.
Have you setup the secure link correctly between the http and WebSphere
server? That usually involves making the WAS public key available to the
HTTP server. Can't remember how to do that off the top of my head.
Ian.
--
ian.burnett@uk.ibm.com :: IBM, Hursley, UK
| |
|
| > jbogner@de.ibm.com wrote:
> alias->New
> without success.
> https://my-domain:9443/snoop only works when i typ in
> the port 9443 instead of https://my-domain/snoop
> without the port thing.???
>
> The former goes directly to port 9443 which is
> listened to by the
> WebSphere server. The latter goes to port 443 on the
> http server which
> then drags the content from WAS.
>
> Have you setup the secure link correctly between the
> http and WebSphere
> server? That usually involves making the WAS public
> key available to the
> HTTP server. Can't remember how to do that off the
> top of my head.
>
> Ian.
>
> --
> ian.burnett@uk.ibm.com :: IBM, Hursley, UK
I think the secure link between the http and WepSphere is set up correctly.
But i am not sure. Do I have to make any changes on the httpd.conf file??
I have used the following ibm tutorials to enable ssl between a brwoser and the internal webserver
http://www-1.ibm.com/support/docvie...s=utf-8&lang=en
http://publib.boulder.ibm.com/infoc...c_httpserv.html
But i still have the same problem. (
greetz
jean
| |
| Ian Burnett 2006-04-28, 7:20 am |
| jbogner@de.ibm.com wrote:
> I think the secure link between the http and WepSphere is set up correctly.
> But i am not sure. Do I have to make any changes on the httpd.conf file??
>
> I have used the following ibm tutorials to enable ssl between a brwoser and the internal webserver
>
> http://www-1.ibm.com/support/docvie...s=utf-8&lang=en
>
> http://publib.boulder.ibm.com/infoc...c_httpserv.html
>
> But i still have the same problem. (
What exactly is the problem? "Page cannot be displayed" is a very
generic term supplied by your browser for a whole range of problems. Try
looking for errors in your web server logs (note there are two types of
logs for Apache/IHS - non-secure and secure). Also look for errors in
your WebSphere installation. There's a third location for logs generated
by the plugin too.
Ian.
--
ian.burnett@uk.ibm.com :: IBM, Hursley, UK
| |
|
| hi there,
after hours and hours spending my time on the configuration of my was I finally
was able to solve my problem.
Here is what I did:
- Start WAS admin console
- then Server->AppServer->server1->transportchains
- Click on New
- The wizard appears
- Enter name for transportchain
- select the second template
- enter port 443
- then generate and propagate plugin
- then restart Websphere application server
test the url: https://my-domain.com/snoop
thanks for your help
best regards
jean
| |
| Sunit Patke 2006-04-28, 1:16 pm |
| What about generating SSL certificate on the WAS server, exporting the key
and importing it into the repository on IHS side and then pointing the
plug-in to use that repository?
Sunit
<jbogner@de.ibm.com> wrote in message
news:1624264238.1146228900271.JavaMail.wassrvr@ltsgwas007.sby.ibm.com...
> hi there,
> after hours and hours spending my time on the configuration of my was I
> finally
> was able to solve my problem.
>
> Here is what I did:
> - Start WAS admin console
> - then Server->AppServer->server1->transportchains
> - Click on New
> - The wizard appears
> - Enter name for transportchain
> - select the second template
> - enter port 443
>
> - then generate and propagate plugin
> - then restart Websphere application server
>
> test the url: https://my-domain.com/snoop
>
> thanks for your help
>
> best regards
>
> jean
>
>
|
|
|
|