Netscape Enterprise Server

Get Connected Guide

Version 1.0

September 12, 1996

Contents

Thanks for choosing our products! We look forward to serving your needs in the future.


Trademarks

Getting Started with Your Internet POWERsolutions Server

Congratulations on the purchase of your new Netscape Enterprise server. This document outlines the steps required to configure and connect your server to the Internet or an intranet. To configure TCP/IP on your server, you will need to know your server's TCP/IP address, subnet mask, default gateway address and nameserver address. Your LAN administrator or Internet Service Provider will be able to supply this information.

In this POWERsolution, IBM has:

  1. Installed the adapters you ordered into your RS/6000.
  2. Installed the version of AIX you ordered.
  3. Installed the Netscape Enterprise server software in /usr/ns-ent-home. Your Enterprise server has been configured to run on port 80 (the standard HTTP port).
  4. Installed the Netscape Navigator web browser.
  5. Installed the Java Development Kit and Adobe Acrobat.
  6. Set up a power-on program that will guide you in configuring the TCP/IP interface of the communications adapter.
  7. Set up a userid and password for Enterprise's administration server. You'll use this server to configure and administer the Netscape Enterprise server. The userid is admin and the password is admin.
  8. Added commands to /etc/rc.tcpip to automatically start Enterprise's administration and web servers whenever your system is rebooted.
  9. Provided you with sample web pages and links to give you more information about your web server. The sample web pages are in /usr/ns-ent-home/doc.
  10. Provided you with a copy of Netscape Navigator Gold for Windows '95. See the README in /usr/ns-ent-home for more information.

To get your web server up and running, you must:

  1. Follow the directions for configuring TCP/IP on your server. These directions are on the following pages.
  2. Examine the on-line documentation included with the server and decide how you want to configure your server. You can access this on-line documentation by pressing the Help button which appears on most of the Enterprise administration server's forms.
  3. Configure the Netscape Enterprise server using a web browser. The steps required to do this are describe in Using a Web Browser for System Administration.

How to Configure the TCP/IP on your Server

If you have a graphics console, go to Using a Graphics Console.

Using a Character-Only tty Console

To access your web server using a tty (teletype) console, follow these instructions:

  1. Power-up your machine.
  2. If you are using a tty as the console, enter the terminal type at the prompt (for example, ibm3151, vt100).
  3. The System Management Interface Tool (SMIT) TCP/IP configuration screen is automatically displayed. Select your primary interface, usually en0 (for Ethernet) or tr0 (for Token-Ring).
  4. Input your network settings for the following attributes and hit Enter (consult your LAN administrator if you don't know which network settings will be used by your server).
      HOSTNAME...........................................<localhost>
      Internet ADDRESS (dotted decimal)..................<>
      Network MASK (dotted decimal)......................<>
      Network INTERFACE..................................en0
      NAMESERVER
               Internet ADDRESS (dotted decimal).........<>
               DOMAIN Name...............................<>
      Default GATEWAY Address............................<>
      (dotted decimal or symbolic name)
      Your CABLE Type....................................N/A
      START Now..........................................yes
    

    Note: Your system was configured with a HOSTNAME of localhost; change the hostname to your desired name. Be sure to enter your server's fully qualified hostname (e.g., serverName.domainName).

    Note: Internet ADDRESS and HOSTNAME must be defined for the server to properly connect into your network. The other parameters are optional and must only be entered if they are needed by your site. Some parameters specific to the communications adapter may also be required.

    If you see a TCP/IP error message like: Bind error to port 80 - already in use. ignore it. Your web server has been pre-configured to use this port.

  5. Exit SMIT by pressing the F10 key.
  6. Run the script /usr/ns-ent-home/ns-update to update your Enterprise server with your new TCP/IP configuration.
At this point your machine is running AIX, TCP/IP, and Enterprise's administration and web servers.

Using a Graphics Console

If you are using a graphics terminal as the console to use and access your web server, follow these instructions:

  1. Power-up your machine.
  2. In the lower portion of the Help Viewer screen on the Installation Assistant Task List, click on the airplane icon next to the Configure Network Communications option. This will launch the System Management Interface Tool (SMIT).
  3. In SMIT, click on the option for TCP/IP Startup.
  4. Select your primary interface, usually en0 (for Ethernet) or tr0 (for Token-Ring).
  5. Input your network settings for the following attributes and hit Enter (consult your LAN administrator if you don't know which network settings will be used by your server).
      HOSTNAME...........................................<localhost>
      Internet ADDRESS (dotted decimal)..................<>
      Network MASK (dotted decimal)......................<>
      Network INTERFACE..................................en0
      NAMESERVER
               Internet ADDRESS (dotted decimal).........<>
               DOMAIN Name...............................<>
      Default GATEWAY Address............................<>
      (dotted decimal or symbolic name)
      Your CABLE Type....................................N/A
      START Now..........................................yes
    

    Note: Your system was configured with a HOSTNAME of localhost; change the hostname to your desired name. Be sure to enter your fully qualified hostname here (e.g., serverName.domainName).

    Note: Internet ADDRESS and HOSTNAME must be defined for the server to properly connect into your network. The other parameters are optional and must only be entered if they are needed by your site. Some parameters specific to the communications adapter may also be required.

    If you see a TCP/IP error message like: Bind error to port 80 - already in use. ignore it. Your web server has been pre-configured to use this port.

  6. Exit SMIT by pressing the F12 key.
  7. At this point, you may choose to perform any of the other installation assistant tasks on the menu.
  8. When complete, click on the airplane icon next to the Task Completed option.
  9. The AIX Welcome screen will appear. Press the Options button and select Command Line Login.
  10. Login as root.
  11. Run the script /usr/ns-ent-home/ns-update to update your Enterprise server with your new TCP/IP configuration.
  12. Type exit. The AIX Welcome screen will appear.
  13. Type root in the user name field and press the OK button.

At this point your machine is running AIX, the Common Desktop Environment, TCP/IP, and Enterprise's administration and web servers.


Using a Web Browser for System Administration

Your new web server can be easily administered using a web browser that supports frames and JavaScript, such as Netscape Navigator (which is shipped with your POWERsolution). The web browser can be run on the web server (if it has a graphics console), or from any network-connected system that has a graphics console and a web browser.

One of the first things you'll want to do is change your server's administration id, administration password, and the hosts that are allowed to administer your server. To do this:

  1. Access the administration server by typing the following into the Navigator's Location field:

    http://<servername>.<your_domain>:<port_number>/

    For example, http://rs6000.ibm.com:9999/

    The port number for your administration server is 9999.

    If your Netscape Navigator is not running, open a DT Terminal and type:

    netscape http://<servername>.<your_domain>:<port_number>/ &

    If for some reason your administration server is not running, the Netscape Navigator will display an error message complaining that the network connection was refused by the server. If you see this error, restart the administration server by entering the command /usr/ns-ent-home/start-admin and try again.

    If you see the message: Error: Can't open display, then your DISPLAY environment variable is not set to the correct value.

  2. The administration server will first prompt you for a username and password. Your userid is admin and your password is admin. The Netscape Server Selector appears. For more information on this screen and configuring Enterprise in general, please refer to the on-line Enterprise Server Administrator's Guide.
  3. Select Configure Administration from the Server Selector. The Administration Configuration screen appears.
  4. Select Access Control. The Administration Server Access Control form appears. Type in your changes. If you need help with any of the fields on this form, select the Help button at the bottom of the screen.

The first time you select the link to the right of the Server Selector's on/off switch, you may see the following message: "Warning manual edits not loaded. Some configuration files have been edited by hand. Use the Apply button on the upper-right side of the screen to load the latest configuration files." If you see this message click the Apply button and load the configuration files (the files were changed by ns-update). Note that you might have to increase the width of the Netscape Navigator window to see the Apply button.


Certificate Services

Netscape Enterprise server requires a digitally-signed certificate to operate in secure mode. To obtain a signed certificate you need to submit a Certificate Request to a Certification Authority (CA), a third-party organization that issues certificates. Certification is an additional, fee-based service. Pricing is available from your CA. Netscape Communications has engaged Verisign, Inc. as a CA, and may contract with other CAs.

When requesting a certificate, you provide the following information to the CA:

For more information about submitting a Certificate Request, select the Request Certificate link from the administration server's encryption forms (or see the "Netscape Enterprise Server Administrator's Guide").

Once you have submitted the Certificate Request, you can generally expect to receive a unique digitally signed certificate in approximately 3-10 business days. This allows for an approval process that will help protect you, your organization, and the Certification Authority. You will receive your digitally-signed certificate by electronic mail.

You will need to establish adequate precautions to maintain the integrity of your private key by choosing a good password and keeping it secure using established principles of UNIX system security. See :hdref refid=serv. of this guide for additional information.

For more information about installing the certificate, select the Install Certificate link from the administration server's encryption forms. A detailed description of the certification process is available on the World Wide Web at the following URL: http://www.verisign.com/netscape/.

Current Certification Authorities

Verisign, Inc.
2593 Coast Avenue
Mountain View, CA 94043 USA
Phone: 1-415-961-7500
Fax: 1-415-961-7300
Email Certificate Requests: netscape-cert@verisign.com
Information and Pricing: http://www.verisign.com/netscape/.


Server Security

The Netscape Enterprise server allows Netscape Navigator (or any other SSL-compatible browser) to authenticate the server and subsequently encrypt communications between the client and the server. This allows secure communications across the network.

As a server owner, you are responsible for maintaining the integrity of your RS/6000 and the operating environment that your products are using. There are many sources of information to help you understand the issues involved with securing your system from unwanted intruders

The resources listed below introduce many concepts related to computer system and network security. You can access these documents on the Internet, using the Netscape Navigator browser.


Creating Web Services

While you wait for your digitally-signed certificate, you can begin to design the information you want to serve or expand the on-line presence you may already have created.

Netscape Communications has compiled a directory of information about creating web services, including HTML tutorials, CGI programming, and image processing. To access this information, select How to Create Web Services from the Help menu at the top of the Netscape Navigator browser window, or connect to: http://home.netscape.com/home/how-to-create-web-services.html.