iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)
Integrating the WebSafe2 Internet Security
Processor (WISP)
iTP Secure WebServer System Administrator’s Guide—523346-002
5-7
Preparing a Distinguished Name (DN) for the
Certificate
Preparing a Distinguished Name (DN) for the Certificate
Use the instructions in Formatting Distinguished Names (DNs) on page 4-4 to prepare
a DN for the Certificate you will obtain. You will use this DN when you configure and
generate a public/private key pair.
Installing the WebSafe2 Interface Driver (WID)
Install the WID software by unpaxing the file T7951PAX using the following command:
$ISV.ZWEB.COPYOSS $ISV.ZWEB.T7951PAX
where:
ISV
is your installed volume.
COPYOSS
ensures that all files in the archive are placed in the /user/tandem/webserver
directories.
Configuring the iTP Secure WebServer for WebSafe2 Internet
Security Processors (WISPs)
To configure the iTP Secure WebServer for WISPs, run install.WS -websafe
located in <installation directory>/admin/conf.
•
To configure the WISP at the same time that you configure the rest of the iTP
Secure WebServer environment, use the install.WS script with or without the
-upgrade option, depending on whether you are establishing a new configuration
or upgrading an existing one.
•
To add the WISP to an existing configuration, use the install.WS script with the
-websafe option. (If you are running install.WS -upgrade to replace an existing
iTP Secure WebServer with a new one, do not specify the -websafe option. The
script automatically updates the WebSafe2 configuration.)
Before you run the script, you should use the Subsystem Control Facility (SCF) to
verify that the TCP/IP process has been specified for the private WebSafe2 subnet.
(Perform this verification step even if you plan to use $ZTC0, the default TCP/IP
process name.) If the TCP/IP process name you specify when configuring the iTP
Secure WebServer is not already specified for the WebSafe2 subnet, the WID cannot
start and the iTP Secure WebServer cannot communicate with the WISP.
The install.WS script prompts you for the DN, the IP addresses of the WISPs, and
the TCP/IP process name for each address. If you are running install.WS with the -
upgrade or -websafe option, the script automatically detects the presence of your old
configuration, saves the old httpd.websafe.config file as
httpd.websafe.config.BAK, and implements the new configuration you specify.