Notes to Help You Enable Your IBM i Zend Server Web Site for SSL

Follow

Issue

Customers interested in using SSL to protect their web site may not know where to even start.  This article provides a few tips to help.

Environment

Any version of Zend Server for IBM i running on any supported version of IBM i.

Resolution

The first thing you need to do is get a certificate. This is a kind of key for your SSL site that provides authentication to clients. You can get a certificate from a company like VeriSign.

Next, you need to install your certificate on your IBM i. To do this, you will use a utility from IBM called the Digital Certificate Manager (DCM). Here is a link to the 7.2 online documentation for DCM:

Digital Certificate Manager

IBM Support can help you install your certificate if you have any difficulty with DCM.

When you set up your certificate in DCM, you must also assign an Application Name to it. This Application Name is all you need to know about the certificate to use it in IBM HTTP Server (Apache).

Zend Deployment will prompt you for the Application Name value when you set up a new virtual host and select SSL. The virtual host will then be deployed with all the directives you need to make SSL work with that virtual host.

The only thing you would need to know about other than the Application Name for your cert is how to add a new port to Apache, in case your new virtual host listens on some other port than the default. It is common to use port 443 for SSL.  This article tells how to listen on and additional port:

Port settings for virtual host deployed on IBM i

If you prefer to set up your own virtual host in your Apache configuration, the IBM documentation provides a good example scenario here:

JKL Toy company enables Secure Sockets Layer (SSL) protection on HTTP Server

Here are some additional notes from IBM support:

IBM Enable Apache HTTP for SSL - United States

 

 

Have more questions? Submit a request

Comments

Powered by Zendesk