Step 2: Configure the web server for X.509

Procedure

  1. Log in to the IBM Spectrum LSF Application Center web server as root.
  2. Set your IBM Spectrum LSF Application Center environment.

    For example:

    • For csh or tcsh:
      # source /opt/pac/cshrc.platform
    • For sh, ksh, or bash:
      # . /opt/pac/profile.platform
  3. Stop IBM Spectrum LSF Application Center.
    # pmcadmin stop
    
  4. Enable HTTPS.
    # pmcadmin https enable --password changeit

    Specify the keystore password. The password must be at least 6 characters long. The default keystore password is changeit.

  5. Edit $GUI_CONFDIR/server_https.xml and replace with the following:
    
    <featureManager>
         <feature>ssl-1.0</feature>
         <feature>appSecurity-2.0</feature>
    </featureManager>
    <ssl id="defaultSSLConfig"  clientAuthenticationSupported="true"  keyStoreRef="defaultKeyStore" />
    <keyStore id="defaultKeyStore" location="/opt/pac/gui/conf/my.p12" type="PKCS12" password="changeit"/>

    Check that the parameters location and password are correct in your environment. If any of these attributes are not valid, the server-side certificate fails to authenticate. The user will not be able to log on to IBM Spectrum LSF Application Center.

  6. Start IBM Spectrum LSF Application Center.
    # pmcadmin start