Enabling FIPS and TLS for the Apache 2.x plug-in  Managing FIPS for the redirector plug-ins

Chapter 4: Installing and Configuring a Web Server Redirector Plug-In

Enabling FIPS and TLS for Netscape 6.1, Sun Java System 6.x, iPlanet 4.1 plug-ins

This section tells you how to copy required files and configure the FIPS-supported redirector plug-in for Netscape 6.1, or iPlanet 4.1. It assumes you have already installed and configured the plug-in for non-FIPS use and updated this installation by following the instructions described in “Adding FIPS and TLS support to the Web server redirector plug-ins”.

  1. Edit the obj.conf file to load the FIPS-supported redirector module. The following lines illustrate a sample obj.conf file that supports FIPS and TLS. The only difference from a non-FIPS sample is that the file libjeas_httpd40.so (iPlanet and Sun Java System) or libjeas_httpd60.so (Netscape) is replaced with libjeas_httpd40_f140.so (iPlanet and Sun Java System) or libjeas_httpd60_f140.so (Netscape). For example:

    Netscape:

    Init fn="load-modules" shlib="WEB_SERVER_HOME/bin/https/libjeas_httpd60_f140.so" funcs="conn_init,conn_service" 

Init fn="conn_init" configfile="/webserver/https-neptune/config/conn_config"

    iPlanet:

    Init fn="load-modules"shlib="WEB_SERVER_HOME/bin/https/libjeas_httpd40_f140.so"
funcs="conn_init,conn_service" 

Init fn="conn_init" configfile="/webserver/https-neptune/config/conn_config"

    Sun Java System:

    Init fn="load-modules"shlib="WEB_SERVER_HOME/bin/https/libjeas_httpd40_f140.so"
funcs="conn_init,conn_service" 

Init fn="conn_init" configfile="/webserver/https-neptune/config/conn_config"

  2. Copy the required libraries. When you initially installed the non-FIPS-supported Netscape, Sun Java System, or iPlanet Web server plug-ins, and used WEB_SERVER_HOME as the location of the Web server software, you copied the libraries listed in Table 4-4 from your $JAGUAR/lib directory to the appropriate subdirectory. To support FIPS, you must also copy the following files to the same directory:

  3. Verify that the Web redirector plug-in still works for your HTTP connections.

  4. Enable FIPS for the redirector plug-in and establish HTTPS connections. See “Managing FIPS for the redirector plug-ins”




Copyright © 2005. Sybase Inc. All rights reserved. Managing FIPS for the redirector plug-ins

View this document as PDF