|
I am sending this to the java400 mailing list because I got no response on the web400 list. We have WebSphere running on the iSeries. The HTTP server is also running on the iSeries. SSL is enabled for the HTTP server, configured using a cert purchased from Thawte. SSL settings are turned on in WAS. I have WAS set up do that it will not receive requests on port 9080 from the external world. Everything is working perfectly. We are currently using the default key file for SSL between the plugin and WAS. Since both WAS and the HTTP server are on the same machine, is it a problem that it is using the dummyKeyFile for this, or should I go through the process of making a new key file for the plugin and WAS? Setting up WAS and the plugin with a custom keyfile is a non-trivial task and I would rather not do it if I don't have to. If the key file should be changed, what exactly is the security risk when the HTTP server and WAS run on the same machine? I'd greatly appreciate it if anyone can explain these points to me. Thanks NOTE: This electronic message and attachment(s), if any, contains information which is intended solely for the designated recipient(s). Unauthorized disclosure, copying, distribution, or other use of the contents of this message or attachment(s), in whole or in part, is prohibited without the express authorization of the sender of this message.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.