Securing WebSphere® Application Server
Securing WebSphere® Application Server consists of securing IBM® HTTP Server (IHS), which is installed with WebSphere® Application Server; securing the WebSphere® Application Server HTTP plug-in; and securing the WebSphere® Application Server environment.
Procedure
- You must secure IBM® HTTP
Server and WebSphere® Application
Server for client certificate authentication by completing the tasks
that are described in section 8.7 of the WebSphere® Application
Server V7.0 Security Guide.Important: If you do not secure IBM® HTTP Server and the WebSphere® Application Server HTTP plug-in, then SSL communication does not function. As a result, the client certificate is not sent to WebSphere® Application Server.
- For instructions on securing the WebSphere® Application Server environment, review the article Advanced security hardening in WebSphere® Application Server V7, V8, and V8.5, Part 1: Overview and approach to security hardening in the IBM® WebSphere® Developer Technical Journal.
- Restart the WebSphere® Application Server to complete the configuration changes.