Once the WebSphere Application servers have been configured to support TLS encryption we have the ability to force all web traffic to use HTTPS TLS encryption.
This article describes how to configure a URL redirection to HTTPS in the Sametime 8.5.2 WebSphere Application Server environment.
1) Log in to your WebSphere deployment manager for the server which you wish to configure to allow redirection to HTTPS. For network deployments this will be the Sametime System Console, for cell deployments log into the deployment manager for the component in question.
2) Once logged into the Deplyoment manager Integrated Solutions console navigate to Environment -> URI groups. Click the New button and enter a name for the we are about to create URI group for example “https_uri_group“. Enter “/*” (without quotes) in the URI Pattern field and click the Apply button, then click the save link at the top of the page. You have now successfully create a new URI group.
3) Next is to create a virtual host configuration: Navigate to Environment –> Virtual Hosts. Now create a new virtual hosts configuration by clicking the New button. Enter a name for the virtual hosts configuration, for example “proxy_https_host”. Click apply then save. Now click on the newly created “proxy_https_host“ virtual hosts configuration. Next click on “Host Aliases“ click the New Button, accept the defaults and click apply then save. You now have successfully created the new virtual hosts configuration.
4) Next step is to remove the port 80 in the default_host and the proxy_host configurations. Navigate to Virtual Hosts -> default_host -> Host Aliases Then select the entry that contains Port 80 and then click the Delete button then click the save link at the top of the page. Navigate to Virtual Hosts -> proxy_host -> Host Aliases select the entry that contains Port 80 and then click the Delete button then click the save link at the top of the page. You have now successfully finished the Virtual Hosts configuration.
5) Next step is to configure the Sametime WebSphere HTTP Proxy Server for redirection. Navigate to Servers -> Server Types -> WebSphere Proxy Servers. Now select the WebSphere proxy server created for your environment, for example STMeetingHttpProxy. Next select HTTP Proxy Server Settings then select Routing Rules. Click the New button. Now enter a name for your Rule for example redirectToSSL. In the Name of the Virtual Host field select the Virtual Host configuration create previously proxy_https_host. In the URI Group select the URI group created previously https_uri_group. In the Routing Action dialog check Redirect URL and enter the https URL you wish to redirect to. For example if we are securing the meeting server we would choose: “https://meeting.ibm.com:443/stmeetings“. Then select Apply button, then save
Once these changes have been implement restart the WebSphere HTTP proxy. Now when accessing the service over HTTP, the WebSphere proxy server will redirect it to HTTPS to secure client to server communications.