Installing Portal Server on Sun Java System Web Server 7.0 in the SSL Mode

The secure socket layer (SSL) mode enables a user to access Portal Server using the https protocol. The https protocol ensures secured communication between the user and Portal Server. In this scenario, you need to create a secured Web Server instance. After creating a secured Web Server instance, you direct the Portal Server web container to the secured Web Server instance.

This section describes following procedures:

• Create a new configuration instance

• Create a request certificate

• Generate a server certificate

• Add the Server Certificate to the Certificate Database

• Add root ca to the Certificate Database

• Enable SSL on the Listener

To Create a New Configuration Instance

Before You Begin

Install Web Server 7.0 on Node 1.

1. Log in to the Web Server 7.0 administrator console.

   https://node1.domain-name:8989

2. Select New Configuration under the Configuration Tasks option.

3. Type the following values:

   • Configuration name: node1

   • Server name: node1.domain-name

   • Hosts: node1.domain-name

   • Server user: root

   • Port: 8200

4. Move the node from the Available list box to the Selected list box.

5. Click Finish.

6. Start the server configuration and access it.

   http://node1.domain-name:8200

To Create a Request Certificate

1. Run the following command.

   WebServer_base/SUNWwbsvr7/bin/wadm create-cert-request --user=admin --host=node1.domain-name --port=8989 --echo=true --rcfile=rcfile --config=node1 --token=internal --server-name=node1.domain-name --org=org --locality=locality --state=state --country=country

2. Type the token values.

   • Pin: password

   • Administrator user password: password

   The request certificate is created.

3. Send the request certificate to the Certificate Authority for approval.

To Add the Server Certificate to the Certificate Database

1. Add the Server Certificate, servercert, to the certificate database.

   WebServer_base/SUNWwbsvr7/bin/wadm install-cert --user=admin --password-file=password --host=node1.domain-name --port=8989 --ssl=true --rcfile=rcfile1 --echo=true --token=internal --config=node1 --cert-type=server --file-on-server=true --nickname=servercert WebServer_base/SUNWwbsvr7/bin/servercert

2. Type the token values.

   • Pin: password

   • Administrator user password: password

To Add the Root CA Certificate to the Certificate Database

1. Add the root ca certificate to the database.

   WebServer_base/SUNWwbsvr7/bin/wadm install-cert --user=admin --password-file=ps --host=node1.domain-name --port=8989 --ssl=true --rcfile=rcfile1 --echo=true --token=internal --config=node1 --cert-type=ca --file-on-server=true --nickname=rootca root-CA-file-path

2. Type the token values.

   • Pin: password

   • Administrator user password: password

3. Restart the server configuration.

To Enable SSL on the Listener

1. Access the Web Server 7.0 administrator console.

   https://node1.domain-name:8989

2. Select New Configuration on the Tasks page.

3. Select Edit Configuration.

4. Select Virtual Servers.

5. Select http-listener1.

6. Click the Security tab.

7. Select Security option.

8. Click Apply and Close.

9. Click the Deploy button.

10. Restart the servers.

    WebServer_base/SUNWwbsvr7/bin/stopserv WebServer_base/SUNWwbsvr7/bin/startserv

11. Verify the SSL instance by accessing the following URL.

    https://node1.domain-name:8200