Configuring IBM HTTP Server for i5/OS for SSL client authentication

Use the Configuration and Administration forms of the IBM HTTP Server for i5/OS to configure your IBM HTTP Server for secure sockets layer (SSL) client authentication. For more information, including prerequisites for SSL security, see these topics in the iSeries Information Center:

Use the IBM HTTP Server for i5/OS configuration and administration forms to create a virtual host and configure the port for SSL:

  1. In the Server field, select your HTTP server instance.
  2. In the left pane, click General Server Configuration.
  3. In the right pane, click the General Settings tab.
  4. Under Server IP addresses and ports to listen on, click Add. Specify values for these fields:
  5. Click OK.
  6. In the right pane, select Global Configuration in the Server area.
  7. In the left pane, click Container Management.
  8. In the right pane, select the Virtual Hosts tab.
  9. Click Add.
  10. For the IP address or host name field, select All IP addresses.
  11. For the Port field, enter the port number you wish to protect with SSL.
  12. Click OK.
  13. Select your new virtual host in the Server area.
  14. In the left pane, click Security.
  15. In the right pane, select Enable SSL.
  16. For the Server certificate application name field, select the automatically generated Application ID (QIBM_HTTP_SERVER_LDH for example).
  17. Select Require client certificate for connection.
  18. Click OK.

To complete this task you need the Application ID you selected above to install a server certificate for your Web server. Use the IBM Digital Certificate Manager (DCM) to install certificates on your Web server and Web browsers. See these topics in the iSeries Information Center: