Installing Certificates on Secure Instances of iPlanet Web Server 6.0
The procedure for installing certificates on secure instances of iPlanet Web Server has changed for version 6.0. If you plan to run secure instances of iPlanet Web Server 6.0, complete the following steps when you install security certificates. This installation procedure requires that you create a certificate on one node, and then create symbolic links to that certificate on the other cluster nodes.
-
Run the administrative server on node1.
-
From your Web browser, connect to the administrative server as http://node1.domain:port.
For example, http://phys-schost-1.eng.sun.com:8888. Use whatever port number you specified as the administrative server port during installation. The default port number is 8888.
-
Install the certificate on node1.
This installation creates three certificate files. One file, secmod.db, is common to all nodes, and the other two are specific to node1. These files are located in the alias subdirectory, under the directory in which the iPlanet Web Server files are installed.
-
If you installed iPlanet Web Server on a global file system, complete the following tasks. If you installed iPlanet Web Server on a local file system, go to Step 5.
-
Note the location and file names for the three files created when installing the certificate in Step 3.
For example, if you installed iPlanet Web Server in /global/iws/servers, and you used the IP address "IPx" when installing the certificate, then the paths to the files on node1 would be
/global/iws/servers/alias/secmod.db
/global/iws/servers/alias/https-IPx-node1-cert7.db
/global/iws/servers/alias/https-IPx-node1-key3.db
-
Create symbolic links for all other cluster nodes to the node-specific files for node1.
In the following example, substitute the appropriate file paths for your system.
# ln -s /global/iws/servers/alias/https-IPx-node1-cert7.db /global/iws/servers/alias/https-IPx-node2-cert7.db # ln -s /global/iws/servers/alias/https-IPx-node1-key3.db /global/iws/servers/alias/https-IPx-node2-key3.db
-
-
If you installed iPlanet Web Server on a local file system, complete the following tasks.
-
Note the location and file names for the three files created on node1 when installing the certificate in Step 3.
For example, if you installed iPlanet Web Server in /local/iws/servers, and you used the IP address "IPx" when installing the certificate, then the paths to the files on node1 would be
/local/iws/servers/alias/secmod.db
/local/iws/servers/alias/https-IPx-node1-cert7.db
/local/iws/servers/alias/https-IPx-node1-key3.db
-
Move the three certificate files to a location on the global file system.
In the following example, substitute the appropriate file paths for your system
# mv /local/iws/servers/alias/secmod.db /global/secure/secmod.db # mv /local/iws/servers/alias/https-IPx-node1-cert7.db /global/secure/https-IPx-node1-cert7.db # mv /local/iws/servers/alias/https-IPx-node1-key3.db /global/secure/https-IPx-node1-key3.db
-
Create symbolic links between the local and global paths of the three certificate files.
Create the symbolic links on each node in the cluster.
In the following example, substitute the appropriate file paths for your system.
# Symbolic links for node1 # ln -s /global/secure/secmod.db /local/iws/servers/alias/secmod.db # ln -s /global/secure/https-IPx-node1-cert7.db /local/iws/servers/alias/https-IPx-node1-cert7.db # ln -s /global/secure/https-IPx-node1-key3.db /local/iws/servers/alias/https-IPx-node1-key3.db # Symbolic links for node2 # ln -s /global/secure/secmod.db /local/iws/servers/alias/secmod.db # ln -s /global/secure/https-IPx-node1-cert7.db /local/iws/servers/alias/https-IPx-node2-cert7.db # ln -s /global/secure/https-IPx-node1-key3.db /local/iws/servers/alias/https-IPx-node2-key3.db
-
- © 2010, Oracle Corporation and/or its affiliates