iTP Secure WebServer System Administrators Guide (Version 7.5+)
Enter the First Pathmon to use for your iTP WebServer (Default /G/zweb)
#: /G/TWEB
Enter the Second Pathmon to use for your iTP WebServer (Default /G/yweb)
#: /G/UWEB
NOTE: The target installation path cannot be the same as the source path.
After the installation of iTP WebServer is complete, do not delete or modify the version-specific
directory (/usr/tandem/webserver/<version>) or its sub-directories. You cannot delete
or modify the directory because the OSS symbolic links present in the directory where the iTP
Secure WebServer was installed point to this directory tree. If any of these directories or
sub-directories are deleted, the entire product (starting with unpaxing the product PAX file) will
have to be reinstalled.
You can now continue with any of the following:
• “Setup for TCP/IPv6 support” (page 42)
• “Generate Diffie-Hellman Parameters” (page 43)
• “Setup for IP CIP Support” (page 43)
• “Installing the Resource Locator” (page 44).
Setup for TCP/IPv6 support
In addition to scanning for conventional TCP/IP processes, the setup script checks for the presence
of TCP6SAM processes on the target system. The script queries your intentions. The following are
examples of the interaction:
If you want to use TCP/IPv6 as your underlying transport services, you need only one TCP6SAM (TCP Socket Access
Method) process. Therefore, the following lookup process will only list the first one it encounters.
If you want to use a TCP6SAM process other than the one in the list, follow the manual configuration procedures.
Do you want to use ONLY TCP/IPv6 as your transport services?Type y/n (Default: n) #:
You can use the conventional TCP/IP support, the TCP/IPv6 support, or both. If you had to use
both versions of support (presumably a non iTP Secure WebServer reason) you would not get the
Auto-Accept feature from the iTP Secure WebServer and might receive minimal performance
improvement.
The sample script continues as if you had replied Yes to the TCP/IPv6 query by presenting you
with a menu of choices. The script found a TCP6SAM process ($ZSAM1) running, so is enabling
you to continue with the configuration.
1) Skip configuring iTP WebServer (that is, configuration exists)
2) Auto-configure iTP WebServer
Defaults: TCP/IP process: /G/ZSAM1 TCP/IP Port: 80 TCP/IP Secure Port: 443 Test Certificate:
CN=Secure Transport Bootstrap Certificate, OU=Testing Only - Do Not Trust for Secure Transactions, OU=No Assurance
- Self-Signed, OU=Generated <dateString>, O=<organization>
Pathmon name: /G/zweb Guardian Pathmon subvolume name: /G/system/zweb.
3) Perform manual configuration for iTP WebServer
Choose 1, 2 (Default) or 3 #:
There are other dialogs with the setup script if you choose conventional TCP/IP support, or support
for both types of support.
LNP Support for TCP/IPv6
LNP can be viewed as an instance of the Conventional TCP/IP (T9551) process that spans all CPUs
within a system. Each LNP can logically be viewed as a different Conventional TCP/IP process
running on the system with its own set of IP addresses. An IP address used on one LNP cannot be
used on a different LNP. Applications on one LNP are isolated from applications on different LNPs
on the same system in the same way they would be if using different Conventional TCP/IP processes.
Communication between such applications will only be through the attached local area networks.
TCP/IPv6 does not forward internal packets between partitions.
NOTE: For more information on system configuration of LNP, see the TCP/IPv6 Configuration
and Management Manual.
42 Installing the iTP Secure WebServer