Using X.509 certificates from a key database to configure ITOMweb to support SSL or TLS
Configure SSL or TLS to enable secure communication between web browsers and the ITOMweb virtual host on the IBM® HTTP Server (powered by Apache) using the X.509 certificates that are stored in a key database.
The following examples describe the basic steps and required configuration directives. Configure other SSL directives as specified by your organization policies.
- Uncomment the
modules/mod_ibm_ssl.soconfiguration directive in the httpd.con file.
- In the omweb.vhost.conf file, add the following lines immediately
SSLServerCert Host Server Cert Label
- Immediately after the configuration directive that ends the virtual host definition
</VirtualHost>), add the following configuration directive:
The key database must contain the server certificate including its private key and all the certificates in the certificate chain all the way back to the Root CA certificate.
<VirtualHost *:8392> ServerAdmin firstname.lastname@example.org DocumentRoot /itom/om ServerName RS13:8392 SSLEnable KeyFile itomweb.kdb SSLStashFile itomweb.sth SSLClientAuth None SSLServerCert "RS13"