Support for iPlanet Web Server 6.0
Sun Cluster 3.0 Update 1 now supports iPlanet Web Server 6.0.
Two procedures have changed for iPlanet Web Server 6.0.
Installing Certificates on Secure Instances of iPlanet Web Server 6.0
The procedure for installing certificates on secure instances of iPlanet Web Server has changed for version 6.0. If you plan to run secure instances of iPlanet Web Server 6.0, complete the following steps when you install security certificates. This installation procedure requires that you create a certificate on one node, and then create symbolic links to that certificate on the other cluster nodes.
-
Run the administrative server on node1.
-
From your Web browser, connect to the administrative server as http://node1.domain:port.
For example, http://phys-schost-1.eng.sun.com:8888. Use whatever port number you specified as the administrative server port during installation. The default port number is 8888.
-
Install the certificate on node1.
This installation creates three certificate files. One file, secmod.db, is common to all nodes, and the other two are specific to node1. These files are located in the alias subdirectory, under the directory in which the iPlanet Web Server files are installed.
-
If you installed iPlanet Web Server on a global file system, complete the following tasks. If you installed iPlanet Web Server on a local file system, go to Step 5.
-
Note the location and file names for the three files created when installing the certificate in Step 3.
For example, if you installed iPlanet Web Server in /global/iws/servers, and you used the IP address "IPx" when installing the certificate, then the paths to the files on node1 would be
/global/iws/servers/alias/secmod.db
/global/iws/servers/alias/https-IPx-node1-cert7.db
/global/iws/servers/alias/https-IPx-node1-key3.db
-
Create symbolic links for all other cluster nodes to the node-specific files for node1.
In the following example, substitute the appropriate file paths for your system.
# ln -s /global/iws/servers/alias/https-IPx-node1-cert7.db /global/iws/servers/alias/https-IPx-node2-cert7.db # ln -s /global/iws/servers/alias/https-IPx-node1-key3.db /global/iws/servers/alias/https-IPx-node2-key3.db
-
-
If you installed iPlanet Web Server on a local file system, complete the following tasks.
-
Note the location and file names for the three files created on node1 when installing the certificate in Step 3.
For example, if you installed iPlanet Web Server in /local/iws/servers, and you used the IP address "IPx" when installing the certificate, then the paths to the files on node1 would be
/local/iws/servers/alias/secmod.db
/local/iws/servers/alias/https-IPx-node1-cert7.db
/local/iws/servers/alias/https-IPx-node1-key3.db
-
Move the three certificate files to a location on the global file system.
In the following example, substitute the appropriate file paths for your system
# mv /local/iws/servers/alias/secmod.db /global/secure/secmod.db # mv /local/iws/servers/alias/https-IPx-node1-cert7.db /global/secure/https-IPx-node1-cert7.db # mv /local/iws/servers/alias/https-IPx-node1-key3.db /global/secure/https-IPx-node1-key3.db
-
Create symbolic links between the local and global paths of the three certificate files.
Create the symbolic links on each node in the cluster.
In the following example, substitute the appropriate file paths for your system.
# Symbolic links for node1 # ln -s /global/secure/secmod.db /local/iws/servers/alias/secmod.db # ln -s /global/secure/https-IPx-node1-cert7.db /local/iws/servers/alias/https-IPx-node1-cert7.db # ln -s /global/secure/https-IPx-node1-key3.db /local/iws/servers/alias/https-IPx-node1-key3.db # Symbolic links for node2 # ln -s /global/secure/secmod.db /local/iws/servers/alias/secmod.db # ln -s /global/secure/https-IPx-node1-cert7.db /local/iws/servers/alias/https-IPx-node2-cert7.db # ln -s /global/secure/https-IPx-node1-key3.db /local/iws/servers/alias/https-IPx-node2-key3.db
-
Specifying the Location of the Access Logs
The procedure for specifying the location of the access logs while configuring an iPlanet Web Server has changed for iPlanet Web Server 6.0. To specify the location of the access logs while configuring an iPlanet Web Server, complete the following steps.
This change replaces Step 6 through Step 8 in the procedure "How to Configure an iPlanet Web Server" in Chapter 3, "Installing and Configuring Sun Cluster HA for iPlanet Web Sever," in the Sun Cluster 3.0 U1 Data Services Installation and Configuration Guide.
-
Edit the ErrorLog, PidLog, and access log entries in the magnus.conf file to reflect the directory created in Step 5 of the "How to Configure an iPlanet Web Server" procedure in Chapter 3 of the Sun Cluster 3.0 U1 Data Services Installation and Configuration Guide, and synchronize the changes from the administrator's interface.
The magnus.conf file specifies the locations for the error, access, and PID files. Edit this file to change the error, access, and PID file locations to the directory that you created in Step 5 of the "How to Configure an iPlanet Web Server" procedure in Chapter 3 of the Sun Cluster 3.0 U1 Data Services Installation and Configuration Guide. The magnus.conf file is located in the config directory of the iPlanet server instance. If the instance directory is located on the local file system, you must modify the magnus.conf file on each of the nodes.
Change the following entries:
ErrorLog /global/data/netscape/https-schost-1/logs/error PidLog /global/data/netscape/https-schost-1/logs/pid ... Init fn=flex-init access="$accesslog" ...
to
ErrorLog /var/pathname/http-instance/logs/error PidLog /var/pathname/http-instance/logs/pid ... Init fn=flex-init access="/var/pathname/http-instance/logs/access" ...
As soon as the administrator's interface detects your changes, the interface displays a warning message, as follows.
Warning: Manual edits not loaded Some configuration files have been edited by hand. Use the "Apply" button on the upper right side of the screen to load the latest configuration files.
-
Click Apply as prompted.
The administrator's interface displays a new web page.
-
Click Load Configuration Files.
- © 2010, Oracle Corporation and/or its affiliates