Using Cryptographic Adapters for Web Servers with Linux on IBM System z9 and zSeries

An IBM Redpaper publication

Note: This is publication is now archived. For reference only.

Published 22 February 2006

cover image

IBM Form #: REDP-4131-00
(24 pages)

More options

Rate and comment

Authors: Jack Hoarau, Yann Kindelberger


This IBM Redpaper describes how to configure Web servers (such as Apache2 and IBM HTTP server) to use hardware cryptographic devices in Linux running on IBM System z9 and zSeries platforms. Hardware cryptographic cards are used to improve SSL performance during SSL handshaking. RedHat Enterprise Linux Advanced Server and SUSE Linux Enterprise Server distributions include packages to use these crypto cards. This repaper documents configuration steps required to use hardware cryptographic acceleration for SSL HTTP transactions with Linux distributions.

Table of contents

The z90crypt device driver
Exploiting hardware encryption
Software packaging for hardware cryptographic devices
Defining cryptographic hardware to the Linux or z/VM LPAR
Loading the z90crypt device driver
The OpenSSL engine interface
The OpenCryptoki PKCS#11 subsystem
Using cryptographic devices with SSL
Configuring cryptographic devices with Apache 2.0
Configuring cryptographic devices with IHS

Others who read this publication also read

Follow IBM Redbooks

Follow IBM Redbooks