1. Business Services Server Reference Guide
  2. Configuring the Listener Service

Configuring the Listener Service

Perform these tasks to configure the listener service:

  • Configure SSL for the Listener Service on a IBM HTTP Server.

To configure SSL for the listener service on an IBM HTTP Server:

  1. Open IKeyman tool (ikeyman.bat under:<IBM_HTTP_SERVER_INSTALL_ROOT>\bin).

    This image is described in the surrounding text.

  2. On the New screen, select CMS from the Key database type list and complete these fields to create a new key database file:

    • File name

      Enter a name or click the Browse button to select a key database file.

    • Location

      Enter the path to the key database file.

  3. Click OK.

    The Password Prompt window opens.

  4. On Password Prompt, enter a password in the Password and Confirm Password fields, and then select the "Stash password to a file?" option.

    This image is described in the surrounding text.

  5. On Create New Key and Certificate Request, enter the name of the new certificate in the Common Name field. Enter the name of the file where the certificate request is stored, and click OK.

  6. Select Personal certificate requests from Key database context menu and click New.

    This image is described in the surrounding text.

  7. Provide the required information. The Certificate Request File is created at <IBM_HTTP_SERVER_INSTALL_ROOT>\bin. By default it is certreq.arm.

  8. Create a CSR at any Certificate Authority with the Certificate Request information contained in the Certificate Request File.

    Also, obtain Root CA and Intermediate CA certificate from the Certificate Authority vendor.

  9. Select the Signer Certificates option from Key database content.

    This image is described in the surrounding text.

  10. Add the Root CA and then Intermediate CA by clicking Add.

    This image is described in the surrounding text.

  11. Select the Personal Certificates option from Key database content. Add the certificate provided by CA by clicking the Receive option.

  12. Save the file. A key database file with extension.kdb is created.

  13. Go to the file <IBM_HTTP_SERVER_INSTALL_ROOT>\conf\httpd.conf and add the following to the VirtualHost:

    LoadModule  ibm_ssl_module   modules/mod_ibm_ssl.so 
Listen 443
<VirtualHost  DENOSCL244.mlab.jdedwards.com:443>
SSLEnable
SSLClientAuth none
</VirtualHost>  
SSLDisable
Keyfile "C:\Program Files\IBM\IBM HTTP Server\bin\key.kdb"

    Customize it according to your environment.

    DENOSCL244.mlab.jdedwards.com -  DNS Name
Keyfile "C:\Program Files\IBM\IBM HTTP Server\bin\key.kdb" -Key Database

  14. Go to plugin-cfg.xml under <WAS_INSTALL_ROOT>/Plugin/config/webserver1, where webserver1 is the webserver name.

    Add <Uri Name="/ListenerService/ ListenerService"/> under the node UriGroup.

    Add <VirtualHost Name="*:443"/> under node VirtualHostGroup

  15. Go to plugin-cfg.xml under<WAS_INSTALL_ROOT>/profiles/default/cells/DENOSCL244Node01Cell/node/webserver1_node/servers/webserver1.

    Add <Uri AffinityCookie="JSESSIONID" AffinityURLIdentifier="jsessionid" Name="/ListenerService/ListenerService"/> under the node UriGroup.

    Add <VirtualHost Name="*:443"/> under node VirtualHostGroup

  16. Restart WAS.

  17. Restart IBM HTTP Server.

  18. Deploy the Listener service.

    See also: