
Configuring Microsoft IIS
WebSphere Commerce supports Microsoft IIS Version 7.5 and Microsoft IIS Version 8.0.
After you create a WebSphere Commerce instance, complete configuration of the Microsoft IIS web
server for use with WebSphere Commerce.
Before you begin
- Download the appropriate security patch from the Microsoft website.
- Create a production key file:
- Request a secure certificate from a certifying authority.
- Set your production key file as the current key file.
- Receive the certificate and test the production key file.
Note: If you plan to use the IIS Web server with WebSphere Commerce, you need
to be aware of associated security considerations and take the recommended actions to minimize any
security exposure of your WebSphere Commerce data. For more information, see Security consideration for the Internet Information Services (IIS) web server.
About this task
- If you are already using a production key file that is signed by a certifying authority, you might be able to skip these steps.
- Your browser might display security messages. Review the information in each message carefully and decide how to proceed.
Procedure
- Log in to the WebSphere Application Server Administration Console.
- Select Servers then Web servers.
- Select webserver1.
- Review the settings that are recorded in the Administration Console, and correct them based on your configuration. Apply your changes.
- Select Servers then Web servers.
- Select webserver1 then Additional Properties.
- Review the settings that are recorded in the Administration Console, and correct them based on your configuration. Apply your changes.
-
Set up SSL signer certificate to match with the SSL personal certificate from the WebSphere
Application Server node.
You need to set up the certificate to allow the web server plug-in to connect to the WebSphere Application Server using SSL (HTTPS). Otherwise, you encounter a GSK_ERROR_BAD_CERT error. For more information about setting the certificate, see the following troubleshooting topic, Technote #1433593.
- Update your Microsoft IIS installation with the latest security patches available from Microsoft.
- Enable Secure Sockets Layer (SSL). For instructions on enabling SSL, see your Microsoft IIS product documentation.
-
Add the following Secure Sockets Layer (SSL) ports to your web server:
- SSL communication port 443
- SSL communication port 8000
- SSL communication port 8002
- SSL communication port 8004
- SSL communication port 8006
Note: The port numbers must be the same as the numbers entered during the WebSphere Commerce instance creation. -
Add the following non-SSL port to your web server:
- Non-SSL communication port 8007
Note: The port number must be the same as the numbers entered during the WebSphere Commerce instance creation. -
Test the installation and configuration of your Microsoft IIS web server by opening a web browser and
accessing the following web pages:
- http://IISWebServer_hostname
- http://IISWebServer_hostname:8007
- https://IISWebServer_hostname
- https://IISWebServer_hostname:8000
- https://IISWebServer_hostname:8002
- https://IISWebServer_hostname:8004
- https://IISWebServer_hostname:8006
- Review the Configuring Microsoft Internet Information Services (IIS) to ensure that the web server settings are correct.
- Go to the following location: WC_installdir/config/deployment/webserverconfig/IIS
- Open the addCommerceAliases.js file in a text editor. Review the file and update the ServerNumber and Commerce Web alias paths.
- If your web server is on a separate machine, copy the addCommerceAliases.js script to that machine.
-
On your Microsoft IIS machine, open a
Windows command window, and run the following command:
cscript.exe WC_installdir/config/deployment/webserverconfig/IIS/addCommerceAliases.js
- If your web server is on a separate machine, see Configuring a remote web server.
-
Enable detailed errors:
- Start the IIS Manager
- Select
- Click Detailed errors and click OK.
-
Enable the DELETE and PUT verbs for the IIS handlers.
- Restart the Microsoft IIS Admin Service from the Windows Services panel.
- Start the website.