Using Cryptographic Adapters for Web Servers with Linux on IBM System z9 and zSeries

An IBM Redpaper publication

Note: This is publication is now archived. For reference only.

thumbnail 

Published on 22 February 2006

  1. .PDF (0.8 MB)

Share this page:   

IBM Form #: REDP-4131-00


Authors: Jack Hoarau and Yann Kindelberger

    menu icon

    Abstract

    This IBM Redpaper describes how to configure Web servers (such as Apache2 and IBM HTTP server) to use hardware cryptographic devices in Linux running on IBM System z9 and zSeries platforms. Hardware cryptographic cards are used to improve SSL performance during SSL handshaking. RedHat Enterprise Linux Advanced Server and SUSE Linux Enterprise Server distributions include packages to use these crypto cards. This repaper documents configuration steps required to use hardware cryptographic acceleration for SSL HTTP transactions with Linux distributions.

    Table of Contents

    Introduction

    The z90crypt device driver

    Exploiting hardware encryption

    Software packaging for hardware cryptographic devices

    Defining cryptographic hardware to the Linux or z/VM LPAR

    Loading the z90crypt device driver

    The OpenSSL engine interface

    The OpenCryptoki PKCS#11 subsystem

    Using cryptographic devices with SSL

    Configuring cryptographic devices with Apache 2.0

    Configuring cryptographic devices with IHS

     

    Others who read this also read