Before you begin
WebSphere has an internal HTTP transport which accepts HTTP requests. If you install an external HTTP server, the Web server plug-in must forward requests from the external HTTP server to WebSphere's internal HTTP transport. You should follow HTTP vendor's instruction to install and configure your HTTP server. Test your HTTP server by accessing http://your-host-URL and https://your-host-URL. You should also have Web server plugin installed. See "Installing IBM HTTP Server" for instructions on installing HTTP Server and Web server plugin. The connection between external HTTP server and WebSphere is by default not secured, even when global security is enabled.
This section documents the configuration necessary to instantiate a secure connection between the Web server plug-in and the internal HTTP transport in the WebSphere Application Server Web container on a distributed platform. By default, this connection is not secure, even when global security is enabled. This document discusses the configuration for IBM HTTP Server; however, the Web server-related configuration in this situation is not specific to any distributed platform Web server.
Steps for this task
When you install Web server plugin, a default key ring, plugin-key.kdb, is installed in plugin_install_root/etc. Use this file instead of creating a new one. In the following steps, a new file is created, but the steps are similar if you use an existing file. Create a directory on the Web server host for storing the key ring file that is referenced by the plug-in and associated files (for example, plugin_install_root/etc/keys).
Result
The IBM HTTP Server plug-in and the internal Web server are configured for SSL.Related concepts
Secure Sockets Layer
Related tasks
Managing digital certificates
Creating a Secure Sockets Layer repertoire configuration entry
Related reference
Port number settings in WebSphere Application Server versions