Windows

Configuring Microsoft IIS

WebSphere Commerce supports Microsoft IIS Version 7.5 and Microsoft IIS Version 8.0. After you create a WebSphere Commerce instance, complete configuration of the Microsoft IIS web server for use with WebSphere Commerce.

Before you begin

  1. Download the appropriate security patch from the Microsoft website.
  2. Create a production key file:
    1. Request a secure certificate from a certifying authority.
    2. Set your production key file as the current key file.
    3. Receive the certificate and test the production key file.
Note: If you plan to use the IIS Web server with WebSphere Commerce, you need to be aware of associated security considerations and take the recommended actions to minimize any security exposure of your WebSphere Commerce data. For more information, see Security consideration for the Internet Information Services (IIS) web server.

About this task

  1. If you are already using a production key file that is signed by a certifying authority, you might be able to skip these steps.
  2. Your browser might display security messages. Review the information in each message carefully and decide how to proceed.

Procedure

  1. Log in to the WebSphere Application Server Administration Console.
  2. Select Servers then Web servers.
  3. Select webserver1.
  4. Review the settings that are recorded in the Administration Console, and correct them based on your configuration. Apply your changes.
  5. Select Servers then Web servers.
  6. Select webserver1 then Additional Properties.
  7. Review the settings that are recorded in the Administration Console, and correct them based on your configuration. Apply your changes.
  8. Set up SSL signer certificate to match with the SSL personal certificate from the WebSphere Application Server node.
    You need to set up the certificate to allow the web server plug-in to connect to the WebSphere Application Server using SSL (HTTPS). Otherwise, you encounter a GSK_ERROR_BAD_CERT error. For more information about setting the certificate, see the following troubleshooting topic, Technote #1433593.
  9. Update your Microsoft IIS installation with the latest security patches available from Microsoft.
  10. Enable Secure Sockets Layer (SSL). For instructions on enabling SSL, see your Microsoft IIS product documentation.
  11. Add the following Secure Sockets Layer (SSL) ports to your web server:
    • SSL communication port 443
    • SSL communication port 8000
    • SSL communication port 8002
    • SSL communication port 8004
    • SSL communication port 8006
    Note: The port numbers must be the same as the numbers entered during the WebSphere Commerce instance creation.
  12. Add the following non-SSL port to your web server:
    • Non-SSL communication port 8007
    Note: The port number must be the same as the numbers entered during the WebSphere Commerce instance creation.
  13. Test the installation and configuration of your Microsoft IIS web server by opening a web browser and accessing the following web pages:
    • http://IISWebServer_hostname
    • http://IISWebServer_hostname:8007
    • https://IISWebServer_hostname
    • https://IISWebServer_hostname:8000
    • https://IISWebServer_hostname:8002
    • https://IISWebServer_hostname:8004
    • https://IISWebServer_hostname:8006
    Where IISWebServer_hostname is the fully qualified host name of the Microsoft IIS machine.
  14. Review the Configuring Microsoft Internet Information Services (IIS) to ensure that the web server settings are correct.
  15. Go to the following location: WC_installdir/config/deployment/webserverconfig/IIS
  16. Open the addCommerceAliases.js file in a text editor. Review the file and update the ServerNumber and Commerce Web alias paths.
  17. If your web server is on a separate machine, copy the addCommerceAliases.js script to that machine.
  18. On your Microsoft IIS machine, open a Windows command window, and run the following command: cscript.exe WC_installdir/config/deployment/webserverconfig/IIS/addCommerceAliases.js
  19. If your web server is on a separate machine, see Configuring a remote web server.
  20. Enable detailed errors:
    1. Start the IIS Manager
    2. Select Default Web Site > Error Pages > Edit feature setting
    3. Click Detailed errors and click OK.
  21. Enable the DELETE and PUT verbs for the IIS handlers.
    1. Open IIS Manager and navigate to the level you want to manage.
    2. Select the server name and double-click Handler Mappings.
    3. Find the ExtensionlessUrlHandler* handlers.
    4. For each of these handlers, edit the properties to include the following updates:
      1. Select the handler, and in the Actions menu, select Edit.
      2. In the Edit Script Map window, click Request Restrictions.
      3. Select the Verbs tab. Under One of the following verbs:, add DELETE, PUT to the existing verb list and click OK.
    5. In IIS, select your web server. For example, Default Web Site. Under Management, launch the Configuration Editor.
    6. In the Section menu, select system.webServer/handlers.
    7. Select the (Collection) element. In the Actions menu, select Edit Items.
    8. Select WebDAV. In the Actions menu, select Remove.
    9. Close the Collection Editor window.
    10. In the Section menu, select system.webServer/modules.
    11. Select the (Collection) element. In the Actions menu, select Edit Items.
    12. Select WebDAVModule. In the Actions menu, select Remove.
    13. Close the Collection Editor window.
    14. In the Actions menu, click Apply.
  22. Restart the Microsoft IIS Admin Service from the Windows Services panel.
  23. Start the website.