Securing WebSphere® Application
Server consists of securing IBM® HTTP
Server (IHS), which is installed with WebSphere Application Server as part of
the Rational® ClearQuest® Web installation; securing
the WebSphere Application
Server HTTP plug-in; and securing the WebSphere Application Server environment.
Procedure
- You must perform the tasks described in sections 7.2 and
7.3 of the IBM WebSphere Application Server V6.1 Security
Handbook to secure IBM HTTP
Server and the WebSphere Application
Server HTTP plug-in, respectively: http://www.redbooks.ibm.com/abstracts/sg246316.html?Open.
Attention: SSL communication does not function and
the client certificate is not sent to WebSphere Application Server if you do
not secure IBM HTTP Server and
the WebSphere Application
Server HTTP plug-in.
- It is a best practice to review sections 11, 12, 14, and
15 of the IBM WebSphere Developer Technical Journal article
"WebSphere Application
Server V6 advanced security hardening – Part 1" for instructions on
securing the WebSphere Application
Server environment: http://www.ibm.com/developerworks/websphere/techjournal//0512_botzum/0512_botzum1.html.
- Restart the WebServer Application Server to complete the
configuration changes.