This article is now available in our new knowledge base: Notes to Help You Enable Your IBM i Zend Server Web Site for SSL
Customers interested in using SSL to protect their web site may not know where to even start. This article provides a few tips to help.
Any version of Zend Server for IBM i running on any supported version of IBM i.
The first thing you need to do is get a certificate. This is a kind of key for your SSL site that provides authentication to clients. You can get a certificate from a company like VeriSign.
Next, you need to install your certificate on your IBM i. To do this, you will use a utility from IBM called the Digital Certificate Manager (DCM). Here is a link to the 7.2 online documentation for DCM:
IBM Support can help you install your certificate if you have any difficulty with DCM.
When you set up your certificate in DCM, you must also assign an Application Name to it. This Application Name is all you need to know about the certificate to use it in IBM HTTP Server (Apache).
Zend Deployment will prompt you for the Application Name value when you set up a new virtual host and select SSL. The virtual host will then be deployed with all the directives you need to make SSL work with that virtual host.
The only thing you would need to know about other than the Application Name for your cert is how to add a new port to Apache, in case your new virtual host listens on some other port than the default. It is common to use port 443 for SSL. This article tells how to listen on and additional port:
If you prefer to set up your own virtual host in your Apache configuration, the IBM documentation provides a good example scenario here:
Here are some additional notes from IBM support: