iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)

ManualsBrandsHP ManualsServerHP NonStop G-Series

181

182

183

184

185

186

187

188

189

190

Configuring the iTP Secure WebServer

iTP Secure WebServer System Administrator’s Guide—522659-001

7-54

Configuring Your Server for WebSafe2 Internet

Security Processor (WISP) Use

Configuring Your Server for WebSafe2 Internet

Security Processor (WISP) Use

You use the install.WS script described in Section 2, Installing the iTP Secure

WebServer to configure the server to use WISPs. The install.WS script creates and edits

the configuration files wid.config and httpd.websafe.config. You must edit these files if

you want to add WISPs. If you want to incorporate a WISP in an existing configuration,

run the install.WS script using the -upgrade or -websafe option.

Updating the WebSafe2 Interface Driver (WID) Configuration

The WebSafe2 Interface Driver (WID) configuration file, wid.config, is located in

/usr/tandem/webserver/conf. The wid.config file contains the IP addresses of the WISP

it manages and the file name for storing certificate and key information. There are also

configuration parameters that specify a WID trace file, an error log file, and a timeout

parameter that specifies how long the WID is to wait for responses from the WISP. The

trace and error logs are not affected when the

httpd command is invoked using the

-rollover option.

You must edit wid.config if you decide to add WISPs to your configuration or if you

decide to change the values of other parameters. The following subsection explains how

to add WISPs.

Adding WebSafe2 Internet Security Processors (WISPs) to Your

Configuration

If you add WISPs to your configuration, you must add their IP addresses to

wid.config using an ip parameter in the following form:

ip = ip_address [TCP/IP_process]

If you want to use the default TCP/IP process $ZTC0, and $ZTC0 has been added to the

configuration of the subnet for the WISP you are adding, you don’t need to specify the

TCP/IP process name.

All WISPs in a single iTP Secure WebServer environment must have the same Superkey

and Master File Key. Multiple WISPs can have the same or different certificates; the

configuration is simplest to manage if all WISPs use the same certificate, stored in the

file assigned to the keyfile parameter in wid.config.

Note. Your httpd.config file can include the httpd.stl.config file or the httpd.websafe.config file,

but not both.