Step 2: Configure the web server for X.509
Procedure
- Log in to the IBM Spectrum LSF Application Center web server as root.
- Set your IBM Spectrum LSF Application Center environment.
For example:
- For csh or tcsh:
# source /opt/pac/cshrc.platform
- For sh, ksh, or bash:
# . /opt/pac/profile.platform
- For csh or tcsh:
- Stop IBM Spectrum LSF Application Center.
# pmcadmin stop
- Enable HTTPS.
# pmcadmin https enable --password changeit
Specify the keystore password. The password must be at least 6 characters long. The default keystore password is changeit.
-
Edit $GUI_CONFDIR/server_https.xml and replace with the following:
<featureManager> <feature>ssl-1.0</feature> <feature>appSecurity-2.0</feature> </featureManager> <ssl id="defaultSSLConfig" clientAuthenticationSupported="true" keyStoreRef="defaultKeyStore" /> <keyStore id="defaultKeyStore" location="/opt/pac/gui/conf/my.p12" type="PKCS12" password="changeit"/>
Check that the parameters location and password are correct in your environment. If any of these attributes are not valid, the server-side certificate fails to authenticate. The user will not be able to log on to IBM Spectrum LSF Application Center.
- Start IBM Spectrum LSF Application Center.
# pmcadmin start