Cryptographic hardware for SSL acceleration | HCL Digital Experience
If your portal environment makes extensive use of SSL, you might choose to use cryptographic hardware to offload encryption and improve performance. HCL Portal tolerates interfacing through WebSphere Application Server with cryptographic hardware for SSL acceleration. However, the tasks that are involved in setting up and configuring cryptographic hardware are specific to web servers or WebSphere Application Server and do not necessarily involve configuring HCL Portal.
Most cryptographic hardware requires the PKCS11 support software for the host machine and internal firmware. To get started with cryptographic hardware, you must install the required support software, configure IBM® HTTP Server, then install the necessary devices. Refer to Getting started with the cryptographic hardware for SSL at: http://www-01.ibm.com/support/knowledgecenter/SSEQTJ_8.5.5/com.ibm.websphere.ihs.doc/ihs/tihs_cryptossl.html
- Stand-alone environments: http://www-01.ibm.com/support/knowledgecenter/SSEQTP_8.5.5/com.ibm.websphere.base.doc/ae/csec_plugpoint_custpass_encrypt.html
- Clustered environments: http://www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.nd.multiplatform.doc/ae/csec_plugpoint_custpass_encrypt.html
- Stand-alone environments:http://www-01.ibm.com/support/knowledgecenter/SSEQTP_8.5.5/com.ibm.websphere.base.doc/ae/tsec_enable_custpass_encrypt.html
- Clustered environments: http://www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.nd.multiplatform.doc/ae/tsec_enable_custpass_encrypt.html
- Your HCL Portal server uses the RSA_token value for security.
- You enable cryptographic offloading of SSL decryption and encryption through an implementation of PKCS11.
- Log in to the WebSphere® Integrated Solutions Console.
- Go to
- Select Only use the active application authentication mechanism.
- Click Apply then OK and save the changes to the master configuration.
- Log out of the WebSphere® Integrated Solutions Console.
- Restart the HCL Portal server.