Configuring and Managing MPE/iX Internet Services (August 2002)

ManualsBrandsHP ManualsSoftwareMPE/iX 7.0 Operating System

141

142

143

144

145

146

147

148

149

150

Chapter 9

HP WebWise MPE/iX Secure Web Server

Major Components

146

Major Components

HP WebWise MPE/iX Secure Web Server consists of a job stream (JHTTPD) which runs the server program

(HTTPD), a set of configuration files, a complete set of online documentation, and miscellaneous utilities and

scripts.

The full set of WebWise distribution files is contained within the /APACHE/VUUFF directory tree, and

customers should not modify any of these files.

The files and directories that customers should reference and/or modify are as follows:

/APACHE/PUB/ The MPE group and HFS directory under which all HP WebWise MPE/iX Secure Web

Server customer modifiable files reside. MGR.APACHE should be the only user with any kind

of access to this group.

HTTPD Symlink to web server daemon program. This program requires PM capability, and

MGR.APACHE should be the only user with any kind of access to this program.

JHTTPD The job stream which runs the HTTPD daemon.

JHTTPD.sample Sample JHTTPD job stream.

bin/ Symlink pointing to the /APACHE/CURRENT/bin directory which contains various utility

programs and scripts used for managing HP WebWise MPE/iX Secure Web Server. A

summary of the major ones:

apxs A perl script which assists in the creation of DSO modules. Note that perl is not distributed

with HP WebWise MPE/iX Secure Web Server or supported by HP.

htpasswd A program used to create the user/password database file required for HTTP Basic

Authentication.

openssl A program used for key and certificate management. HP only supports the usage shown in

this document.

sign.sh A shell script used to sign certificates. HP only supports the usage shown in this document.

cgi-bin/ This subdirectory is specified by the ScriptAlias configuration directive and contains demo

CGI scripts.

conf/ This subdirectory contains all of the HP WebWise MPE/iX Secure Web Server configuration

files, with the primary one being httpd.conf. MGR.APACHE should be the only user capable of

writing to these files and subdirectories. Additional SSL-related configuration

subdirectories below conf/:

ssl.crl/ Subdirectory containing Certificate Revocation Lists from the Certificate Authorities (CAs)

who have signed your client browser’s certificates. Useful only if you are doing client

authentication.

ssl.crt/ Subdirectory containing your required web server certificate in the file server.crt.

MGR.APACHE should be the only user with read access to this directory and the files

contained within.

ssl.csr/ Subdirectory containing your web server Certificate Signature Request(s) (CSRs) that were

used to obtain your server certificate(s).

ssl.key/ Subdirectory containing your web server key in the file server.key. Your key is

EXTREMELY sensitive information and should be protected by both owner-only file

permissions and a pass phrase. MGR.APACHE should be the only user with read access to this

directory and the files contained within.