Enabling IBM HTTP Server for https communication

Step1

    a.) Create a keystore

    b.) Acquire a certificate or create a self signed certificate.

    Please refer any my previous blogposts mentioned below.

            Management with ikeycmd command

           Certificate Management The ikeyman way ..

           Useful keytool commands for certificate management

           Certificate Management by using gsk7cmd command



Step2

    Configure IHS to enable https communication


    a.) Open the IHS configuration file and add entries to load SSL modules


        LoadModule ibm_ssl_module modules/mod_ibm_ssl.so


    b). Add/Change the listening port


        Listen 443


    c.) Add below stanza for IHS to use the keystore created at step1 during https communication

            #SSL Configuration

            SSLEnable

            Keyfile <path of keyfile>/kefilename.kdb

 

        Note:- If you are adding above stanza inside a virtualhost, configuration will be specific to that virtualhost.

Step3

        Restart the IHS instance.

        Try accessing the URL prefixing https://


            Note:- If the certificate is self signed certificate, you need to add the signer  manually in your browser keystore, otherwise you will receive a certificate warning while accessing the URL.








Posted by 1 comment:

Configuring mod_jk connector

Configuring mod_jk connector.


mod_jk is a plug-in which 

handles the communication between Apache and Tomcat.


Step1


    Update apache configuration file (httpd.conf) to load 

mod_jk module.


    Open the httpd.conf file and create below entry. Ensure 

that mod_jk.so file exists in the apache module directory.


    LoadModule jk_module module/mod_jk.so


Step2


    Configure worker.properties file path in apache 

configuration file.


    JkWorkersFile <Path>/workers.properties


    Configure mod_jk log path

    JkLogFile <path>/mod_jk.log


 Configure the mount point from a context to a Tomcat


worker


JkMount /test/* balancer


Step3


    Create and configure workers.properties file.

    Please note that the file should be created in the same 

path mentioned in step2


    #lb configuration


    worker.balancer.type=lb

    worker.balancer.balance_workers=worker1,worker2


    #worker1 configuration


    worker.worker1.type=ajp13

    worker.worker1.port=8009

    worker.worker1.host=<hostname of worker1>


    #worker2 configuration


    worker.worker2.type=ajp13

    worker.worker2.port=9009

    worker.worker2.host=<hostname of worker2>

Posted by No comments:
Subscribe to: Posts (Atom)