Securing WebSphere Application Server

Securing WebSphere® Application Server consists of securing IBM® HTTP Server (IHS), which is installed with WebSphere Application Server; securing the WebSphere Application Server HTTP plug-in; and securing the WebSphere Application Server environment.

About this task

Attention: The information in this topic applies to WebSphere Application Server V7.0 and IBM HTTP Server V7.0. See Technote 1569987 for information on installing and configuring WebSphere Application Server V8.0 and IBM HTTP Server V8.0.

Procedure

  1. You must perform the tasks described in section 8.7 of the WebSphere Application Server V7.0 Security Guide to secure the IBM HTTP Server and WebSphere Application Server for client certificate authentication.
    Attention: SSL communication does not function and the client certificate is not sent to WebSphere Application Server if you do not secure IBM HTTP Server and the WebSphere Application Server HTTP plug-in.
  2. It is a best practice to review the article "WebSphere Application Server V7 advanced security hardening, Part 1: Overview and approach to security hardening" in the IBM WebSphere Developer Technical Journal for instructions on securing the WebSphere Application Server environment.
  3. Restart the WebServer Application Server to complete the configuration changes.

Feedback