[AIX Solaris HP-UX Linux Windows][z/OS]

Preparing for security at installation time

Complete the following tasks to implement security before, during, and after installing WebSphere® Application Server.

Procedure

  1. [AIX Solaris HP-UX Linux Windows]Secure your environment before installation.
    This step describes how to perform WebSphere Application Server installation with proper authority on different platforms. For more information, refer to Securing your environment before installation.
  2. [AIX Solaris HP-UX Linux Windows] Prepare the operating system for installation of WebSphere Application Server.
    This step describes how to prepare the different operating systems for installation of WebSphere Application Server. For more information, see the topic on preparing the operating system for product installation.
  3. [z/OS] Install WebSphere Application Server.
    This step describes how to install WebSphere Application Server on the z/OS® platform. For more information, see the topic on installing the product and additional software.
  4. Migrate security configurations from previous releases during installation, when you are prompted to do so.
    This step describes how to migrate security configurations from a previous release of WebSphere Application Server to WebSphere Application Server Version 8.5.

    For more information, see the topic on migrating the product configurations.

  5. Optional: [AIX Solaris HP-UX Linux Windows]You can create a profile during install time. If you elect to do so, administrative security is enabled for that profile by default. A panel is displayed during profile creation time and enabling administrative security is selected by default. If you elect to keep this as the default, you must supply an administrative user ID and password. This user ID is created in a federated repository, which is the default user registry when enabling administrative security at profile creation time.
  6. If you go into the advanced profile creation, a panel is available for changing the default settings for your certificate, a root certificate (used to sign your personal certificate) and a personal certificate (used to sign/encrypt data over the network). Ensure that the root certificate has a long lifetime and the personal certificate a shorter one. Import your own personal certificate and or root certificate. If your personal certificate is signed by the certificate authority (CA), it is not important to change your root certificate. You should also change the default keystore password to something more secure.
  7. Optional: [z/OS]During customization of a stand-alone application server or WebSphere Application Server Network Deployment cell, you can enable administrative security by using either a z/OS security product or WebSphere Application Server to manage users, groups, and the security policy.
  8. Secure your environment after installation.
    This step provides information on how to protect password information after you install WebSphere Application Server. For more information, see Securing your environment after installation.
  9. [z/OS]For information about enabling security after customization is complete, see Enabling security.