IBM HTTP Server SSL Setup

IBM HTTP Server SSL Setup is one of the common requirement which every customer ask to implement on their servers. As I have done that several times, its pretty easy for me to perform the task. But for beginners it may be difficult on how to configure the same for IBM HTTP server.

I do refer to one of the IBM Support Technote that has everything to check for. From an abstract view, here are the steps that you need to look out for.

1. Get the certificate from client and use IKEYMAN tool to generate the Key database file. Please follow this technote for reference.

2. Modify the SSL related tags in httpd.conf file,

Uncomment LoadModule ibm_ssl_module modules/mod_ibm_ssl.so

Use the below values for enabling SSL,

Listen 0.0.0.0:443
## IPv6 support:
Listen [::]:443
<VirtualHost *:443>
SSLEnable
SSLProtocolDisable SSLv2
</VirtualHost>
KeyFile <kdb file location>
SSLDisable
# End of example SSL configuration

These 2 steps are enough to perform the SSL setup (provided the certificate and http server are working properly).

There are 2-3 examples given in the technote mentioned above that are used frequently in many implementations.

To go indepth of all the directives that are used in SSL setup, then please refer to the IBM HTTP Server Knowledge center link that explains about the SSL Directives, SSLEnable, SSLProtocolDisable & SSLDisable.