Secure Web serving

The Z and I Emulator for Web server uses the Web server to download program objects to the browser. This information can be encrypted, but with a considerable performance impact.

The default port for secure web serving is 443. If that port is not enabled, port 80 is used. To enable secure web serving, perform the following steps:

  1. From a Web browser, enter: http://<server.name>:2001 (where <server.name> is the TCP/IP host name of your IBM System i). If you are unable to connect, start the HTTP server with the following i/OS and OS/400 command:
    STRTCPSVR SERVER(*HTTP) HTTPSVR(*ADMIN)
  2. Enter the i/OS or OS/400 user profile and password (when prompted). you need to have *ALLOBJ and *SECADM authorities to complete the remaining configuration activities.
  3. Click IBM HTTP Server for AS/400.
  4. Click Configuration and Administration.
  5. Click Configurations.
  6. Select the CONFIG configuration from the list.
  7. Click Security Configuration.
  8. For the Allow HTTP connections and Allow TLS connections selections:
    • Port number (443)
    • Select TLS Client authentication None.
    • Select Apply.
  9. Click AS/400 Tasks button on the lower left side of the screen.
  10. Click Digital Certificate Manager.
  11. Click System Certificates.
  12. Click Work with Secure Applications.
  13. Click QHCL_HTTP_SERVER_CONFIG; then click Work with System Certificate.
  14. Click Assign New Certificate.
  15. End the administration HTTP server instance with the following i/OS and OS/400 command:
    ENDTCPSVR SERVER(*HTTP) HTTPSVR(DEFAULT)
  16. Wait 10 seconds for the HTTP instance to shut down.
  17. Start the administration HTTP server instance with the following i/OS and OS/400 command:
    STRTCPSVR SERVER(*HTTP) HTTPSVR(DEFAULT)
  18. From a Web browser, enter https://server.name/zieweb/dashboard.html (where server.name is the TCP/IP host name of your IBM System i).

For more information on a wide variety of IBM System i topics, see IBM i PDF files and manuals.