IHS SSL Configurations 6.1 using IBM Key Management Utility
Start Key Management Utility
Create New key database along with password protections as shown in below screens
![]()
4 files will be created
1) test_cert.kdb
2) test_cert.crl
3) test_cert.rdb
4) test_cert.sth
Now Create / generate a Certificate Request
Select Personal Certificate Request and Click New Request and get the Certificate from Authorized CA and Complete the Server Certificate Request using ikeyman utility.
Step:-1) Personal Certificate Request ( Create CSR )
Step:-2) Signer Certificates ( Get CSR signed by Authorized CA and import Root CA)
Step:-3) Personal Certificates ( Import the Certificate received from CA )
imp note:-> All the signer Certificates must exists in the Key Database before completing the Certificate Request.
![]()
![]()
![]()
![]()
![]()
![]()
![]()
![]()
![]()
![]()
![]()
![]()
![]()
![]()
httpd modifications
#Enable or Load below module
LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
Listen 443
ServerName mytestserver.com
DocumentRoot "D:\IBM\HTTPServer\htdocs\en_US"
SSLEnable
Keyfile "D:\IBM\HTTPServer\ssl\temp\test_cert.kdb"
SSLV2Timeout 100
SSLV3Timeout 1000
SSLDisable
Restart Http Services and Check https://mytestserver.com/
Start Key Management Utility
Create New key database along with password protections as shown in below screens
4 files will be created
1) test_cert.kdb
2) test_cert.crl
3) test_cert.rdb
4) test_cert.sth
Now Create / generate a Certificate Request
Select Personal Certificate Request and Click New Request and get the Certificate from Authorized CA and Complete the Server Certificate Request using ikeyman utility.
Step:-1) Personal Certificate Request ( Create CSR )
Step:-2) Signer Certificates ( Get CSR signed by Authorized CA and import Root CA)
Step:-3) Personal Certificates ( Import the Certificate received from CA )
imp note:-> All the signer Certificates must exists in the Key Database before completing the Certificate Request.
httpd modifications
#Enable or Load below module
LoadModule ibm_ssl_module modules/mod_ibm_ssl.so
Listen 443
ServerName mytestserver.com
DocumentRoot "D:\IBM\HTTPServer\htdocs\en_US"
SSLEnable
Keyfile "D:\IBM\HTTPServer\ssl\temp\test_cert.kdb"
SSLV2Timeout 100
SSLV3Timeout 1000
SSLDisable
Restart Http Services and Check https://mytestserver.com/
No comments:
Post a Comment