HTTPS with WebSphere Application Server

To secure web access to your application, you can configure and start your application in HTTPS mode.

After you deploy Web Administration Tool in WebSphere® Application Server, you can start your application. You can connect to Web Administration Tool securely by providing HTTPS web address and the secure port.

To use HTTPS, provide the following web address to accessWeb Administration Tool:

https://hostname:12101/IDSWebApp

To use non-HTTPS connection, provide the following web address to accessWeb Administration Tool:

http://hostname:12100/IDSWebApp

You can also change the default JKS files with certificates that are provided with the web application server for SSL/TLS secure communication. You can create new key and truststore database files to use with application that is deployed in WebSphere Application Server. The default key and truststore database files are separate and are in the WAS_HOME/profiles/TDSWebAdminProfile/etc/ directory. The WAS_HOME variable is the installation location of WebSphere Application Server. The default key database file is key.p12, and the default truststore database file is trust.p12.

If you created your JKS files, you can change the key and truststore database files. To configure your JKS files, passwords, and file formats, add, or modify the following entries (highlighted in bold) in the WAS_HOME/profiles/TDSWebAdminProfile/config/cells/DefaultNode/security.xml file:

<keyStores xmi:id="KeyStore_DefaultNode_10" 
 name="key.p12" 
 password="{xor}CDo9Hgw=" 
 provider="IBMJCE" 
 location="${WAS_HOME}/profiles/TDSWebAdminProfile/etc/key.p12" 
 type="JKS" 
 fileBased="true" 
 hostList="" 
 managementScope="ManagementScope_DefaultNode_1"/>
<keyStores xmi:id="KeyStore_DefaultNode_11" 
 name="trust.p12" 
 password="{xor}CDo9Hgw=" 
 provider="IBMJCE" 
 location="${WAS_HOME}/profiles/TDSWebAdminProfile/etc/trust.p12" 
 type="JKS" 
 fileBased="true" 
 hostList="" 
 managementScope="ManagementScope_DefaultNode_1"/>