Replacing an existing self-signed certificate

Occasionally, you need to replace an existing or expired self-signed certificate with a new certificate. Certificates are referenced in the runtime configuration by the Secure Sockets Layer (SSL) Configuration object and the Dynamic SSL Configuration Selection object. You can replace a certificate with a new certificate alias reference or with a new signer certificate.

Before you begin

The current certificate and the certificate replacement must exist in the same keystore before you can replace a certificate.
Alternative Method: To replace a self-signed certificate by using the wsadmin tool, use the replaceCertificate command of the AdminTask object. For more information, see PersonalCertificateCommands command group for the AdminTask object.

About this task

Complete the following steps in the administrative console:

Procedure

  1. Click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Key stores and certificates > [keystore ].
  2. Under Additional Properties, click Personal certificates.
  3. Select the certificate to be replaced. The alias list must include the certificate to be replaced and the certificate to replace it with.
  4. Click Replace.
  5. Select a replacement certificate alias from the list.
  6. You can delete one of the following types of certificates:
    • Select Delete old certificate to delete the existing or expired certificate.
    • Select Delete old signers to delete the existing signer certificates.
  7. Click Apply.

Results

Your results depend on what you selected:



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic Task topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 31, 2013 2:56:59 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=was-nd-dist&topic=tsec_sslreplaceselfsigncert
File name: tsec_sslreplaceselfsigncert.html