Enabling the SSL Accelerator option
An SSL Accelerator (or SSL Terminator) strips off HTTPS encryption at or before the Web server tier in a multitier setup. When you use an SSL Accelerator with WebSphere Commerce, you can use the SSL Accelerator option to configure WebSphere Commerce to correctly receive requests that require redirects.
Procedure
- Open the WebSphere Commerce configuration file.
-
Locate the section for the Web module that you are enabling an SSL Accelerator.
Each Web module in WebSphere Commerce has a configuration section. For example, the Stores Web module:
<Module contextPath="/webapp/wcs/stores" fileServletEnabled="false" name="Stores" urlMappingPath="/servlet" webAlias="/wcsstore"> <InitParameters adapters="XML/HTTP, BrowserAdapter" contextSetName="Store" handleDoubleClick="true" /> </Module>
-
Add the following attributes to the InitParameters element:
For example, to use the default ports that WebSphere Commerce configures for the Stores Web module with an SSL Accelerator, configure WebSphere Commerce following this example:
where:<Module contextPath="/webapp/wcs/stores" fileServletEnabled="false" name="Stores" urlMappingPath="/servlet" webAlias="/wcsstore"> <InitParameters adapters="XML/HTTP, BrowserAdapter" contextSetName="Store" handleDoubleClick="true" SSLAcceleratorOption="Enabled" inSSLPort="443" inNonSSLPort="80" outSSLPort="443" outNonSSLPort="80" /> </Module>
- SSLAcceleratorOption
- Set the value to "Enabled" to indicate that an SSL Accelerator is used for that Web module.
- inSSLPort
- The port that is configured for WebSphere Commerce to receive the SSL data. WebSphere Commerce treats any data that is received on this port as SSL data even if the scheme says
http
. The default is port 443. - inNonSSLPort
- The port that is configured for WebSphere Commerce to receive the non-SSL data. WebSphere Commerce treats any data that is received on this port as non-SSL data. The default port is 80.
- outSSLPort
- The port that WebSphere Commerce uses to send out SSL data on a redirect. The default port is 443.
- outNonSSLPort
- The port that WebSphere Commerce uses to send out non-SSL data on a redirect. The default port is 80.
- Propagate the changes to the WebSphere Commerce configuration file.
- Start your WebSphere Commerce instance if it is not already started.
-
Run the following command:
WC_installdir/bin/config_ant.sh -DinstanceName=instance_name UpdateEAR
WC_installdir/bin/config_ant.bat -DinstanceName=instance_name UpdateEAR
- Restart your WebSphere Commerce instance.
-
Disable SSL for those ports that no longer need SSL by editing the Web server
configuration.
For example, if you are using an SSL Accelerator for the Stores Web module, disable SSL for port 443. For the IBM HTTP Server, remove the following directives from the host_name:443 VirtualHost:
SSLEnable SSLClientAuth 0
-
Set the Application Server port preference:
- Open the WebSphere Application Server administrative console.
- Expand Servers.
- Click Web Servers.
- Click webserver1 (or the Web Server that is associated with your WebSphere Commerce application).
- Click Plug-in properties.
- Click Request and Response.
- For the Application server port preference field, select Webserver port
- Click OK.
- Save the configuration.
- Regenerate the Web server plug-in configuration file.
- Restart the Web server that WebSphere Commerce is running on.
- Optional:
If your site uses a starter store, change your store environment setup file to create the
proper absolute paths for Ajax links.
- Optional:
Delete all compiled pages from your storefront. Your store JSP files must be recompiled for
your changes to appear when a shopper visits your store.
What to do next
Host: myhost:443
.