When a certificate authority (CA) receives a certificate request,
it issues a new certificate that functions as a temporary placeholder for
a CA-issued certificate. A keystore receives the certificate from the CA and
generates a CA-signed personal certificate that WebSphere Application Server
can use for Secure Sockets Layer (SSL) security.
Before you begin
The keystore must contain the certificate request that was created
and sent to the CA. Also, the keystore must be able to access the certificate
that is returned by the CA.
About this task
WebSphere Application Server can receive only those certificates
that are generated by a WebSphere Application Server certificate request.
It cannot receive certificates that are created with certificate requests
from other keystore tools, such as
iKeyman and
keyTool.
Complete
the following steps in the administrative console:
Procedure
- Click Security > SSL certificate and key management > Manage
endpoint security configurations > {Inbound | Outbound} > ssl_configuration >
Key stores and certificates > [keystore].
- Under Additional Properties, click Personal certificates.
- Select a personal certificate.
- Click Receive a certificate from a certificate authority.
- Type the full path and name of the certificate file.
- Select a data type from the list.
- Click Apply and Save.
Results
The keystore contains a new personal certificate that is issued by
a CA. The original certificate request is changed to a personal certificate.
What to do next
The SSL configuration is ready to use the new CA-signed personal
certificate.