86 lines
6.2 KiB
HTML
86 lines
6.2 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="task" />
|
||
|
<meta name="DC.Title" content="Configure client authentication for human resources Web server" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzahudcmpublicaccessscen.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzahustep3createandoperatealocalca.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzahustep5startthehumanresourceswebserverinsslmode.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="rzahustep4configureclientauthenticationforhumanresourceswebserver" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Configure client authentication for human resources Web server</title>
|
||
|
</head>
|
||
|
<body id="rzahustep4configureclientauthenticationforhumanresourceswebserver"><a name="rzahustep4configureclientauthenticationforhumanresourceswebserver"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Configure client authentication for human resources Web server</h1>
|
||
|
<div><div class="section"><p>You must configure the general authentication settings for the
|
||
|
HTTP Server when you specify that the HTTP Server require certificates for
|
||
|
authentication. You configure these settings in the same security form that
|
||
|
you used to configure the server to use Secure Sockets Layer (SSL). </p>
|
||
|
<p>To
|
||
|
configure the server to require certificates for client authentication, follow
|
||
|
these steps: </p>
|
||
|
</div>
|
||
|
<ol><li><span>Start the HTTP Server Administration interface.</span></li>
|
||
|
<li><span>Using your browser, go to the <span class="keyword">i5/OS™</span> Tasks
|
||
|
page on your system at http://your_system_name:2001.</span></li>
|
||
|
<li><span>Select <strong>IBM<sup>®</sup> Web Administration for <span class="keyword">i5/OS</span></strong>. </span></li>
|
||
|
<li><span>To work with a specific HTTP server, select these page tabs <span class="menucascade"><span class="uicontrol">Manage</span> > <span class="uicontrol">All Servers </span> > <span class="uicontrol">All
|
||
|
HTTP Servers</span></span> to view a list of all configured HTTP
|
||
|
servers.</span></li>
|
||
|
<li><span>Select the appropriate server from the list and click <span class="uicontrol">Manage
|
||
|
Details</span>.</span></li>
|
||
|
<li><span>In the navigation frame, select <span class="uicontrol">Security</span>.</span></li>
|
||
|
<li><span>Select the <span class="uicontrol">Authentication</span> tab in the form.</span></li>
|
||
|
<li><span>Select <span class="uicontrol">Use i5/OS profile of client</span>.</span></li>
|
||
|
<li><span>In the <span class="uicontrol">Authentication name or realm</span> field,
|
||
|
specify a name for the authorization realm.</span></li>
|
||
|
<li><span>Select <samp class="codeph">Enabled</samp> for the <span class="uicontrol">Process requests
|
||
|
using client's authority</span> field and click <span class="uicontrol">Apply</span>.</span></li>
|
||
|
<li><span>Select the <span class="uicontrol">Control Access</span> tab in the form.</span></li>
|
||
|
<li><span>Select <span class="uicontrol">All authenticated users (valid user name and
|
||
|
password)</span> and click <span class="uicontrol">Apply</span>.</span></li>
|
||
|
<li><span>Select the <span class="uicontrol">SSL with Certificate Authentication</span> tab
|
||
|
in the form. </span></li>
|
||
|
<li><span>Ensure that <samp class="codeph">Enabled</samp> is the selected value in the <span class="uicontrol">SSL</span> field.
|
||
|
</span></li>
|
||
|
<li><span>In the <span class="uicontrol">Server certificate application name</span> field,
|
||
|
ensure that the correct value is specified, for example, <samp class="codeph">QIBM_HTTP_SERVER_MYCOTEST</samp>. </span></li>
|
||
|
<li><span>Select <span class="uicontrol">Accept client certificate if available before
|
||
|
making connection</span>. Click <span class="uicontrol">OK</span>.</span></li>
|
||
|
</ol>
|
||
|
<div class="section"><p>You can learn more about the overall configuration needed for your
|
||
|
HTTP Server when using SSL in the <a href="../rzaie/rzaiemain.htm">HTTP Server for iSeries™</a> Information topic, especially
|
||
|
in an example called Scenario: JKL enables Secure Sockets Layer (SSL) protection
|
||
|
on their HTTP Server (powered by Apache). This scenario provides
|
||
|
all the task steps for creating a virtual host and configuring it to use SSL.</p>
|
||
|
<p>When
|
||
|
you complete the client authentication configuration, you can restart the
|
||
|
HTTP server in SSL mode and begin protecting the privacy of the data of the
|
||
|
human resources application.</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div>
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahudcmpublicaccessscen.htm" title="In this scenario, you to learn how to use certificates as an authentication mechanism to protect and restrict which resources and applications that internal users can access on your internal servers.">Scenario: Use certificates for internal authentication</a></div>
|
||
|
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzahustep3createandoperatealocalca.htm">Create and operate a Local CA</a></div>
|
||
|
<div class="nextlink"><strong>Next topic:</strong> <a href="rzahustep5startthehumanresourceswebserverinsslmode.htm">Start the human resources Web server in SSL mode</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|