280 IBM WebSphere Everyplace Access V5, Volume IV: Advanced Topics
Mapping rules
You need to update the mapping rules because they vary for different scenarios
because applications use different paths for their content location. Example 8-3
illustrates the added directives for this sample scenario.
Example 8-3 Mapping Rules
# ===================================================================== #
## Mapping rules
## ===================================================================== #
Exec /admin-bin/* C:\PROGRA~1\IBM\edge\cp\server_root\admin-bin\*
Pass /wsApplet/* C:\PROGRA~1\IBM\edge\cp\server_root\admin-bin\webexec\*
#
# HTTP Access Services changes - sample scenario
#Pass /* C:\PROGRA~1\IBM\edge\cp\server_root\pub\en_US\*
#
# URL translation rules; If your documents are under
#
# NOTE: The installation defaults should be added below
# *** ADD NEW MAPPING RULES HERE ***
#
Pass /pub/* C:\PROGRA~1\IBM\edge\cp\server_root\pub\en_US\*
Proxy /wps/* http://wea02.itso.ral.ibm.com/wps/*
# End of HTTP Access Services changes#
8.2.1 Creating an Everyplace Connection Manager server certificate
HTTP Access Services in Everyplace Connection Manager requires secure
connections with client devices by using SSL. This section describes the
configuration required to create the server certificate to establish a secure
connection with HTTP clients using the IBM Key Management version 7.0.1.13
for Linux.
The connection between Everyplace Connection Manager and the Reverse
Proxy can also be secure with SSL. However, this is optional and, therefore, is
not documented in this chapter.
Note: A self-signed certificate is used for this scenario. However, for better
security, it is recommended that you obtain and import a server certificate
from an authorized Certificate Authority (CA).
Chapter 8. Using Everyplace Connection Manager HTTP Access Services 281
To create an Everyplace Connection Manager server certificate, follow these
steps:
1. Log on to Everyplace Connection Manager machine with the correct
privileges.
2. Search for the ikeyman file, and run this file from a terminal window. In this
scenario, the ikeyman file is located on /opt/IBMJava2-141/jre/bin. It can be
different depending how you install Everyplace Connection Manager and its
related products (for example, DB2, Directory Server).
3. The IBM Key Management window should open. Select Key Database File
→ Open as shown in Figure 8-4.
Figure 8-4 IBM Key Management initial window
4. In the Open window, select CMS as the key database type, and browse for
the http.trusted.kdb file which must be in the /opt/IBM/wecm directory
(Figure 8-5).
5. Click OK to enter the password.
Figure 8-5 Open Key Database
282 IBM WebSphere Everyplace Access V5, Volume IV: Advanced Topics
6. The default password used by Everyplace Connection Manager is trusted.
Initially, enter this password, and click OK to access the key database as
illustrated in Figure 8-6.
7. For this sample scenario a self-signed certificate is used. Select Create
→
New Self-Signed Certificate from the menu. The Create New Self-Signed
Certificate form appears.
Figure 8-6 Create a New Self-Signed certificate (1 of 2)
8. Provide the information needed to create the certificate (see Figure 8-7 on
page 283).
9. Click OK to create the certificate. If there is more than one certificate created,
you are asked if the certificate is the default (active) key in the database.
Note: You can store many certificates in the database. However, only one
certificate can be active at the server side.
Get IBM WebSphere Everyplace Access V5 Handbook for Developers and Administrators Volume IV: Advanced Topics now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
