Securing WebSphere® Application
Server consists of securing IBM® HTTP
Server (IHS), which is installed with WebSphere Application Server; securing
the WebSphere Application
Server HTTP plug-in; and securing the WebSphere Application Server environment.
Procedure
-
You must secure IBM HTTP Server and WebSphere Application Server for client certificate authentication by
completing the tasks that are described in section 8.7 of the WebSphere Application Server V7.0 Security
Guide.
Important: If you do not secure IBM HTTP Server
and the WebSphere Application Server HTTP plug-in, then
SSL communication does not function. As a result, the client certificate is not sent to WebSphere Application Server.
-
For instructions on securing the WebSphere
Application Server environment, review the article Advanced security
hardening in WebSphere Application Server V7, V8, and
V8.5, Part 1: Overview and approach to security hardening in the IBM
WebSphere Developer Technical Journal.
- Restart the WebSphere Application
Server to complete the configuration changes.