What is it?

An HTTP Server communicates with an integrated application server using the integrated application server web plug-in, which is an HTTP Server module that is dynamically linked and loaded to extend the nature of the HTTP Server. You can now update web plug-in properties from the Web Administration GUI or by using a Qshell script.

The properties that can be set are related to TLS Related hostname certificate validation.  If communications between an HTTP Server and an integrated web application server is over a secure connection, you can indicate that the web plug-in compare values from the certificate (Common Name, SAN DNS names, SAN IP addresses) to values contained within the web plug-in configuration file. The certificate presented by the application server must contain a hostname that matches what is set in the web plug-in configuration file.

Figure 1 shows the the properties for the web plug-in from the perspective of the Web Administration GUI.

Figure 1. Web plug-in properties tab in Web Administration GUI

webPluginConfig.sh                                                     
    -operation '*UPDATE'  -server 'server-name|*ADMIN'                 
    [-secureHostVerification 'true|false']                             
    [-hostAliases 'host-alias-list'] [ -printErrorDetails ] [ -help ]

Why use it?

If communications between an HTTP Server and an integrated web application server is over a secure connection, you may want the web plug-in to perform additional validation of the certificates provided by the application server.

Availability

The support is enabled in the following HTTP group PTFs:

V7R5M0 SF99952 Level 11
V7R4M0 SF99662 Level 32
V7R3M0 SF99722 Level 50