Manualshelf

iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)

ManualsBrandsHP ManualsServerHP NonStop G-Series
191192193194195196197198199200
Configuring the iTP Secure WebServer
iTP Secure WebServer System Administrator’s Guide523346-002
7-55
Configuring Your Server for WebSafe2 Internet
Security Processor (WISP) Use
Configuring Your Server for WebSafe2 Internet
Security Processor (WISP) Use
You use the install.WS script described in Section 2, Installing the iTP Secure
WebServer to configure the server to use WISPs. The install.WS script creates and
edits the configuration files wid.config and httpd.websafe.config. You must
edit these files if you want to add WISPs. If you want to incorporate a WISP in an
existing configuration, run the install.WS script using the -upgrade or -websafe option.
Updating the WebSafe2 Interface Driver (WID) Configuration
The WebSafe2 Interface Driver (WID) configuration file, wid.config, is located in
/usr/tandem/webserver/conf. The wid.config file contains the IP addresses
of the WISP it manages and the file name for storing certificate and key information.
There are also configuration parameters that specify a WID trace file, an error log file,
and a timeout parameter that specifies how long the WID is to wait for responses from
the WISP. The trace and error logs are not affected when the httpd command is
invoked using the -rollover option.
You must edit wid.config if you decide to add WISPs to your configuration or if you
decide to change the values of other parameters. The following subsection explains
how to add WISPs.
Adding WebSafe2 Internet Security Processors (WISPs) to Your
Configuration
If you add WISPs to your configuration, you must add their IP addresses to
wid.config using an ip parameter in the following form:
ip = ip_address [TCP/IP_process]
If you want to use the default TCP/IP process $ZTC0, and $ZTC0 has been added to
the configuration of the subnet for the WISP you are adding, you don’t need to specify
the TCP/IP process name.
All WISPs in a single iTP Secure WebServer environment must have the same
Superkey and Master File Key. Multiple WISPs can have the same or different
certificates; the configuration is simplest to manage if all WISPs use the same
certificate, stored in the file assigned to the keyfile parameter in wid.config.
Note. Your httpd.config file can include the httpd.stl.config file or the httpd.websafe.config file,
but not both.