Receiving a certificate issued by a certificate authority

When a certificate authority (CA) receives a certificate request, it issues a new certificate that functions as a temporary placeholder for a CA-issued certificate. A keystore receives the certificate from the CA and generates a CA-signed personal certificate that WebSphere Application Server can use for Secure Sockets Layer (SSL) security.

Before you begin

The keystore must contain the certificate request that was created and sent to the CA. Also, the keystore must be able to access the certificate that is returned by the CA.
Alternative Method: To receive a certificate by using the wsadmin tool, use the receiveCertificate command of the AdminTask object. For more information, see PersonalCertificateCommands command group for the AdminTask object.

About this task

WebSphere Application Server can receive only those certificates that are generated by a WebSphere Application Server certificate request. It cannot receive certificates that are created with certificate requests from other keystore tools, such as iKeyman and keyTool.

Complete the following steps in the administrative console:

Procedure

  1. Click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Key stores and certificates > [keystore].
  2. Under Additional Properties, click Personal certificates.
  3. Select a personal certificate.
  4. Click Receive a certificate from a certificate authority.
  5. Type the full path and name of the certificate file.
  6. Select a data type from the list.
  7. Click Apply and Save.

Results

The keystore contains a new personal certificate that is issued by a CA. The original certificate request is changed to a personal certificate.

What to do next

The SSL configuration is ready to use the new CA-signed personal certificate.



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 30, 2013 6:03:36 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=was-base-iseries&topic=tsec_sslreceiveCAcert
File name: tsec_sslreceiveCAcert.html