SSL must be enabled between the Access Gateway and browsers before you can enable it between the Access Gateway and its Web servers.
In the Administration Console, click Devices > Access Gateways > Edit > [Name of Reverse Proxy] > [Name of Proxy Service] > Web Servers.
To configure SSL, select Connect Using SSL.
This option is not available if you have not set up SSL between browsers and the Access Gateway. See Section 14.4, Configuring SSL Communication with Browsers and the Identity Server and select the Enable SSL between Browser and Access Gateway field.
(Optional) Set up mutual authentication so that the Web server can verify the proxy service certificate:
Click the Select Certificate icon,
Select the certificate you created for the reverse proxy, then click OK.
This is only part of the process. You need to import the trusted root certificate of the CA that signed the proxy service’s certificate to the Web servers assigned to this proxy service. For instructions, see your Web server documentation.
In the Connect Port field, specify the port that your Web server uses for SSL communication. The following table lists some common servers and their default ports.
|
Server Type |
Non-Secure Port |
Secure Port |
|---|---|---|
|
Web server with HTML content |
80 |
443 |
|
WebSphere |
9080 |
9443 |
|
JBoss |
8080 |
8443 |
To save your changes to browser cache, click OK.
To apply your changes, click the Access Gateways link, then click Update > OK.