Securing WebSphere® Application
Server consists of securing IBM® HTTP
Server (IHS), which is installed with WebSphere Application Server; securing
the WebSphere Application
Server HTTP plug-in; and securing the WebSphere Application Server environment.
About this task
Attention: The information in this topic applies
to WebSphere Application Server V7.0 and IBM HTTP Server V7.0. See
Technote 1569987 for information on installing
and configuring WebSphere Application Server V8.0 and IBM HTTP Server
V8.0.
Procedure
- You must perform the tasks described in section 8.7 of
the WebSphere Application Server V7.0 Security Guide to
secure the IBM HTTP Server and WebSphere Application Server for client
certificate authentication.
Attention: SSL
communication does not function and the client certificate is not
sent to WebSphere Application
Server if you do not secure IBM HTTP
Server and the WebSphere Application
Server HTTP plug-in.
- It is a best practice to review the article "WebSphere Application Server V7 advanced security
hardening, Part 1: Overview and approach to security hardening"
in the IBM WebSphere Developer Technical Journal for instructions
on securing the WebSphere Application Server environment.
- Restart the WebServer Application Server to complete the
configuration changes.