ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahu_5.4.0.1/rzahustep4configureclientauthenticationforhumanresourceswebserver.htm

86 lines
6.2 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Configure client authentication for human resources Web server" />
<meta name="DC.Relation" scheme="URI" content="rzahudcmpublicaccessscen.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahustep3createandoperatealocalca.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahustep5startthehumanresourceswebserverinsslmode.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzahustep4configureclientauthenticationforhumanresourceswebserver" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Configure client authentication for human resources Web server</title>
</head>
<body id="rzahustep4configureclientauthenticationforhumanresourceswebserver"><a name="rzahustep4configureclientauthenticationforhumanresourceswebserver"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Configure client authentication for human resources Web server</h1>
<div><div class="section"><p>You must configure the general authentication settings for the
HTTP Server when you specify that the HTTP Server require certificates for
authentication. You configure these settings in the same security form that
you used to configure the server to use Secure Sockets Layer (SSL). </p>
<p>To
configure the server to require certificates for client authentication, follow
these steps: </p>
</div>
<ol><li><span>Start the HTTP Server Administration interface.</span></li>
<li><span>Using your browser, go to the <span class="keyword">i5/OS™</span> Tasks
page on your system at http://your_system_name:2001.</span></li>
<li><span>Select <strong>IBM<sup>®</sup> Web Administration for <span class="keyword">i5/OS</span></strong>. </span></li>
<li><span>To work with a specific HTTP server, select these page tabs <span class="menucascade"><span class="uicontrol">Manage</span> &gt; <span class="uicontrol">All Servers </span> &gt; <span class="uicontrol">All
HTTP Servers</span></span> to view a list of all configured HTTP
servers.</span></li>
<li><span>Select the appropriate server from the list and click <span class="uicontrol">Manage
Details</span>.</span></li>
<li><span>In the navigation frame, select <span class="uicontrol">Security</span>.</span></li>
<li><span>Select the <span class="uicontrol">Authentication</span> tab in the form.</span></li>
<li><span>Select <span class="uicontrol">Use i5/OS profile of client</span>.</span></li>
<li><span>In the <span class="uicontrol">Authentication name or realm</span> field,
specify a name for the authorization realm.</span></li>
<li><span>Select <samp class="codeph">Enabled</samp> for the <span class="uicontrol">Process requests
using client's authority</span> field and click <span class="uicontrol">Apply</span>.</span></li>
<li><span>Select the <span class="uicontrol">Control Access</span> tab in the form.</span></li>
<li><span>Select <span class="uicontrol">All authenticated users (valid user name and
password)</span> and click <span class="uicontrol">Apply</span>.</span></li>
<li><span>Select the <span class="uicontrol">SSL with Certificate Authentication</span> tab
in the form. </span></li>
<li><span>Ensure that <samp class="codeph">Enabled</samp> is the selected value in the <span class="uicontrol">SSL</span> field.
</span></li>
<li><span>In the <span class="uicontrol">Server certificate application name</span> field,
ensure that the correct value is specified, for example, <samp class="codeph">QIBM_HTTP_SERVER_MYCOTEST</samp>. </span></li>
<li><span>Select <span class="uicontrol">Accept client certificate if available before
making connection</span>. Click <span class="uicontrol">OK</span>.</span></li>
</ol>
<div class="section"><p>You can learn more about the overall configuration needed for your
HTTP Server when using SSL in the <a href="../rzaie/rzaiemain.htm">HTTP Server for iSeries™</a> Information topic, especially
in an example called Scenario: JKL enables Secure Sockets Layer (SSL) protection
on their HTTP Server (powered by Apache). This scenario provides
all the task steps for creating a virtual host and configuring it to use SSL.</p>
<p>When
you complete the client authentication configuration, you can restart the
HTTP server in SSL mode and begin protecting the privacy of the data of the
human resources application.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahudcmpublicaccessscen.htm" title="In this scenario, you to learn how to use certificates as an authentication mechanism to protect and restrict which resources and applications that internal users can access on your internal servers.">Scenario: Use certificates for internal authentication</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzahustep3createandoperatealocalca.htm">Create and operate a Local CA</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzahustep5startthehumanresourceswebserverinsslmode.htm">Start the human resources Web server in SSL mode</a></div>
</div>
</div>
</body>
</html>