You can install a web server and the web server plug-in
on the machine where you installed WebSphere® Application Server.
Before you begin
If the web server that you are setting up is an IBM HTTP
Server, and you plan to manage that web server through a node agent
that is running as a nonroot user, you must make sure that you adhere
to the following requirements:
- The user ID that you designate as the user ID that owns the IBM
HTTP Server directories and files, is the same user ID under which
the nonroot node agent is running. You cannot run an IBM HTTP Server
as a root user if the node agent that is managing that IBM HTTP Server
is running as nonroot node agent because a node agent process that
is running as a nonroot user cannot spawn off an IBM HTTP Server that
is running as a root user.
- The value you specify for the listener port value must be greater
than 1024. An IBM HTTP Server that is running under a nonroot user
ID does not start if the port number for its listener port is 1024
or less.
You can ensure that the nonroot node agent and the IBM
HTTP Server are using the same user ID if you specify the user ID
that you used to install the product as the user ID for the IBM HTTP
Server when you install the IBM HTTP Server. However, if, you decide
to run the node agent as a nonroot user after you install the IBM
HTTP Server and web server plug-in, you can take the following actions
to enable both the node agent and the IBM HTTP Server to run as nonroot
users:
- Change the user ID for WebSphere Application Server to a nonroot user
ID.
- Configure the run-as setting for the node agent.
- Use the administrative console to create a new IBM HTTP Web Server,
unless an already defined IBM HTTP Server has the required properties.
- Change the ownership of the IBM HTTP Server directory and files
to the nonroot user ID under which the nonroot node agent is running.
About this task
You can define a locally installed Web
server on an unmanaged or managed node. If the web server is defined
on an unmanaged node, the administrative functions are handled through
the IBM® HTTP Server administration server. If the
web server is defined on a managed node, the administrative functions
of the web server are handled through the WebSphere Application Server node agent, which
is beneficial.
Important: IBM HTTP Servers that run on z/OS® do
not provide the administration server. Web servers that do not provide
the administration server must reside on a managed node to facilitate
plug-in administration functions and generation and propagation of
the
plugin-cfg.xml file.
The following steps create
a web server definition in the default profile.
Procedure
- Install IBM Installation Manager.
- Install your WebSphere Application Server product.
- Install IBM HTTP Server or another supported
web server.
- Install the web server plug-ins.
- Install the WebSphere Customization Toolbox.
- Configure the web server plug-in using
the Web Server Plug-ins Configuration Tool.
- Complete the setup by creating the web server definition
using the WebSphere Application Server administrative
console, or run the plug-in configuration script. The creation of
this object is exclusive of the web server installation.
You
must create an application server profile or a custom profile and
federate the node before you can use the administrative console of
the deployment manager to create a web server definition. The same
is true for running the configuration script that the Web Server Plug-ins
Configuration Tool created. You must assign the web server to a managed
node when you create it. The managed node must exist before running
the Web Server Plug-ins Configuration Tool. Otherwise, the installation
is considered a remote installation.
Select one of the following
options:
- Using the administrative console.
Create a web server
definition on an existing application server or unmanaged node:
- Click Servers > Server Types > Web servers > New and
use the Create new web server definition tool to create the
web server definition.
- Select the appropriate node.
- Select a template. Select a system template or a user-defined
template for the web server that you want to create.
- Enter the web server properties:
- Type: The web server vendor type
- Port: The existing web server port (default: 80)
- Installation path: The web server installation path. This field
is required for IBM HTTP Server only.
- Service name (Windows operating systems):
The Windows operating system service name of
the web server. The default is IBMHTTPServer7.0.
- Use secure protocol: Use the HTTPS protocol to communicate with
the web server. The default is HTTP.
- Plug-in installation location: The directory path in which the
plug-in is installed.
- Confirm the creation of the new web server, and click Finish.
After creating the web server, complete the following steps
to verify that the
plugin-key.kdb file is generated
and to configure the web server plug-in with SSL:
- Click Security > SSL certificate and key management.
- Under Configuration settings, click Manage endpoint security
configurations.
- Under Inbound or Outbound, expand cell_name > nodes > Web_server_node_name >
servers and click server_name.
- Under Related Items, click Key stores and certificates.
The administrative console displays the CMSKeyStore configuration
with the path to the plugin-key.kdb file.
- Export the default certificate from key.p12,
and add it as a signer certificate to the plugin-key.kdb.
- Running the plug-in configuration script.
If
you install the plug-in, save the plug-in configuration script to
run after you create a managed node, otherwise an error occurs. Wait
until the script runs successfully and creates the web server definition
on the managed node and node synchronization occurs before starting
the web server.
Adding the node starts the node
agent process. If the node agent is not running, start the node.
Tip: If you want the web server to handle requests for an application
for multiple managed nodes, install the application on each managed
node and on the web server definition. The script already contains
all of the information that you must gather when using the administrative
console option.
What to do next
You can configure non-IBM HTTP Server Web
servers as a remote web server on unmanaged nodes, or as a local Web
server on managed nodes. For a non-IBM HTTP Server web server on a
managed node, the following functions are supported:
- Generation of the plug-in configuration, based on WebSphere Application Server repository changes.
- Propagation of the plugin-cfg.xml file, based on using
node synchronization with the WebSphere Application Server node. Node synchronization
is necessary in order to propagate configuration changes to the affected
node or nodes.
The
plugin-cfg.xml file is propagated to
the application server node repository tree from the deployment manager
repository.
Important: The plugin-cfg.xml file
is propagated to the application server node repository tree. This
is not the default plugin-cfg.xml file installation location.
Changes may have to be made to non-IBM HTTP Server web server configuration
files to update the location of the plugin-cfg.xml file that
is read by the plug-in module.
For example, Internet Information
Services (IIS) has a file name called
plugin-cfg.loc, which
is read by the IIS plug-in modules to determine the location of the
plugin-cfg.xml file.
The
plugin-cfg.loc file has to be updated to reflect the
plugin-cfg.xml file
location in the application server node repository.
Other non-IBM
HTTP Server web servers have different methods to specify the location
of the plugin-cfg.xml file for the plug-in module. However,
in order for propagation to work, update the location to reflect the
location in the application server node repository.
The following functions are not supported on a managed node
for a non-IBM web server.
- Starting and stopping the web server.
- Viewing and editing the configuration file.
- Viewing the web server logs.
For a non-IBM HTTP Server web server on an unmanaged node,
you can generate plug-in configuration, based on
WebSphere Application Server repository changes.
The following functions are not supported on an unmanaged node for
a non-IBM HTTP Server web server:
- Starting and stopping the web server.
- Viewing and editing the configuration file.
- Viewing the web server logs.
- Propagation of the web server plugin-cfg.xml file.