Configuring secure sockets for CCRC

To provide secure communications between CCRC and CM Server, you can configure CM Server to support the IBM® Secure Sockets Layer (IBM SSL) protocol:

  1. The current version of CM Server does not support Open SSL. If you are upgrading a product that uses CM Server and want to use previously created Open SSL certificates, see Converting Open SSL certificates to IBM SSL to convert your existing certificates for use with IBM SSL. If you perform the conversion, you do not need to perform any of the steps below. To create new certificates using IBM SSL, follow the rest of the steps below.
  2. Uncomment the Include conf/ssl.conf statement in httpd.conf (located in the \IHS\conf directory).
  3. If you have not created the files /common/IHS/key.kbd and key.sth, do so using IKeyMan, the IBM utility for creating and managing SSL keys and key databases. Run IKeyMan from the common/IHS/bin directory. For more information, see the Help for IKeyMan and then see Creating HTTP server keys.
  4. Next, create your certificate. See Creating a self-signed certificate for the HTTP server. For information about creating a new Certificate Request to send to Certificate Authority, see the Help for IKeyMan.
  5. To force processing of non-SSL requests as SSL requests, using CM Server, use the optional procedure Forcing an SSL connection using CM Server.

Feedback