IHS – Daghosoft

step by step to Integrate https with ibm connections

1) Verify where kdb and sth files are stored :

Was console: security -> SSL certificate and key management -> Key stores and certificates -> CMSKeyStore (verify path)

2) Open plugin xml and verify where store sth and kdb files then copy from websphere path (1) .

Server Types-> Web servers > webserver1 > Plug-in properties -> Plug-in key store directory and file name
If not present:

-) Configure Ihs using ibm docs then open Was console: servertypes / webServers / webservername -> plugin options-> copy kdb to plugin folder
-) Set default cert in kdb using ikeyman

3) Configure virtual host to use ssl :


LoadModule ibm_ssl_module modules/mod_ibm_ssl.so

<IfModule mod_ibm_ssl.c>
Listen 0.0.0.0:443

<VirtualHost *:443>
ServerName www.mydomain.com
SSLEnable
</VirtualHost>

</IfModule>

SSLDisable
Keyfile "<path used in plugin>\plugin-key.kdb"
SSLStashFile "<path used in plugin>\plugin-key.sth"


LoadModule was_ap22_module /opt/ibm/Plugins/bin/64bits/mod_was_ap22_http.so
WebSpherePluginConfig /opt/ibm/Plugins/config/webserver1/Plugin-cfg.xml

Start a IHS as daemon

This is my IHS script for Linux

#!/bin/sh
### BEGIN INIT INFO
# Provides: ibm-http
# Required-Start: $local_fs $remote_fs $network $syslog
# Required-Stop: $local_fs $remote_fs $network $syslog
# Default-Start: 3 5
# Default-Stop: 0 1 6
# Short-Description: Start/stop IBM HTTP Server
### END INIT INFO
#
# IBM HTTP This init.d script starts the IBM HTTP Server

# Find the name of the script
NAME=`basename $0`
ihs_Path=/opt/ibm/HTTPServer

IBMHTTPCTL="${ihs_Path}/bin/apachectl"

set -e
if [ ! -x ${ihs_Path}/bin/httpd ] ; then
echo "No IBM HTTP Server installed"
exit 0
fi

start() {
echo -n $"Starting ${NAME} service: "
$IBMHTTPCTL -k start; &gt; /dev/null
ret=$?
if [ $ret -eq 0 ]
then
echo "${NAME} Started."
else
echo "${NAME} Starting Failed!"
exit 1
fi
echo
}

stop() {
echo -n $"Stopping ${NAME} service: "
$IBMHTTPCTL -k stop &gt; /dev/null

ret=$?
if [ $ret -eq 0 ]
then
echo "${NAME} Stop Success."
else
echo "${NAME} Stop Failed!"
exit 1
fi
echo
}

graceful() {
echo -n $"graceful ${NAME} service: "
$IBMHTTPCTL -k graceful
ret=$?
if [ $ret -eq 0 ]
then
echo "graceful Success."
else
echo "graceful Failed!"
exit 1
fi
echo
}

restart() {
echo -n $"Restart ${NAME} service: "
$IBMHTTPCTL -k restart
ret=$?
if [ $ret -eq 0 ]
then
echo "restart Success."
else
echo "restart Failed!"
exit 1
fi
echo
}

case "$1" in
start)
start
;;
stop)
stop
;;
graceful)
graceful
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|stop|graceful|restart}"
exit 1
esac
exit 0

Step by step htadmin config to use with Websphere Application Server

Here you can find step by step configuration for use IHS htadmin

Step 1 generate user :

/opt/ibm/HTTPServer/bin/htpasswd -cm /opt/ibm/HTTPServer/conf/admin.passwd htadmin

Step 2 edit admin.conf :

vi /opt/ibm/HTTPServer/conf/conf/admin.conf

#Change listen port:
Listen 8008

#Change running user
User wwwrun
Group www

#Set serverName
ServerName servername.mydomain.com

Step 3 add user and group to run htadmin:
groupadd www
useradd wwwrun -g www

Step 4 run htadmin:

/opt/ibm/HTTPServer/bin/adminctl start