IBM WebSphere Advanced Single Server
Edition 4.0
Before being able to enable SSL on WebSphere, you need
to have your own certificate. This certificate can be
a self-certificate for testing purpose but in any production
case, you should have a certificate issued by a Trusted
CA. The following steps describe how to get your own certificate
and later how to configure WebSphere to use it.
Installing a certificate chain
Before you can add your certificate into the keystore,
you must first include the certificates chain. You must
install the following public certificates:
| Root (GTE root certificate) |
Root |
| Primary Server certificate (ComodoSecurityServicesCA
certificate) |
PrimServer |
| Server certificate |
Server |
You can add the certificates chain from the Signer Certificates
screen as shown below:
Click on the Add button. A dialog box will
appear where you have to enter the data, the Certificate
file name (the certificate file you received) and its
location. Once all of this information is entered click
on OK.
Installing your site certificate
You can import the site certificate into
your keystore easily. After opening the IBM Key Management
console, please select the option 'Personal Certificates'
in the drop down within the 'Key Database Content' area
as shown in the following screen:
Once you've selected 'Personal Certificates',
please click on the 'Receive' button. A dialog box will
appear in which you must enter the data required, the
certificate file name (the certificate file you received)
and its location. Once all of this information is entered
click 'OK'. This will configure your keystore correctly.
Enabling SSL
Once your keystore has been successfully configured
with your certificate, you can enable SSL in WebSphere
Application Server.
|