IBM Tivoli Monitoring, Version 6.3 Fix Pack 2

Configuring TLS/SSL communication between the load balancing HTTP Server and each portal server's local HTTP server

If you want to use HTTPS in a dashboard environment that is using a HTTP server to load balance multiple Tivoli® Enterprise Portal Servers, you must configure TLS/SSL communication from the load balancing HTTP server to each portal server's local HTTP server.

Roadmap

Use the following roadmap to help you get started:

Table 1. Roadmap for configuring TLS/SSL communication between the load balancing HTTP Server and each portal server's local HTTP server
Step	Description	Where to find information
1	You have two options for obtaining the public-private key pair used by the portal server's HTTP server: Use the default self-signed certificates installed with IBM Tivoli Monitoring. If you choose this option, proceed to step 2. OR Use a digital certificate that has been signed by a certificate authority. In this case, you must create a certificate request for each portal server and send it to the certificate authority for signing. Once the digital certificate has been signed, you add the certificate authority signer's certificate to the portal server's trust stores, and then add the new digital signature to the portal server's key stores.	Using third party certificate authority signed certificates for the portal server
2	For each portal server's HTTP server, extract the public signer certificate from the trust store.	Extracting the portal server's local HTTP server public signer certificate
3	Add the public signer certificate for each portal server's HTTP server into the load balancing HTTP server’s trust store.	If you are using the IBM HTTP Server, follow the steps in Configuring TLS/SSL communication for the IBM HTTP Server used for load balancing multiple portal servers.

Feedback