If you correctly entered the key file location, the type
and the password, then the cause of the error is likely that your
server is not configured to decrypt .p12 files.
To fix the
error received when opening the .p12 file, you need to download a
zip file containing two policy files. You then rename the existing
policy files in your distributed WebSphere Application Server and
add the two new ones. You then stop and restart the cell to pick up
the change.
- Start a browser session and go to URL:http://www-01.ibm.com/software/.
- Click IBM Sign in.
- Enter your PartnerWorld®, developerWorks™, or IBM support id and
password and click Submit to sign in.
Note: If you don't have
an id, there is a link on the page to register to get one.
- Click the radio button next to Unrestricted JCE Policy files
for SDK 1.4.2 to select it. Then click Continue.
Important: Your country of origin
might have restrictions on the import, possession, use, or re-export
to another country, of encryption software. Before downloading or
using the unrestricted policy files, you must check the laws of your
country, its regulations, and its policies concerning the import,
possession, use, and re-export of encryption software, to determine
if it is permitted.
- Review your contact information and correct (if necessary). Scroll
down and review the license agreement. Check I Agree if you
agree.
- Then click I confirm to continue.
Important: Note
the warning about the restrictions your country may have on cryptographic
software.
- To continue, click Download now.
- The file unrestrict142.zip will be downloaded.
Save it to disk.
- Click OK.
- Use any zip file utility to open unrestrict142.zip and
extract the two files it contains to disk.
- On the system where the distributed WebSphere Application Server
Version 6.1.0 cell runs, go to ${JAVA_HOME}/jre/lib/security and
rename the files local_policy.jar to old.local_policy.jar and US_export_policy.jar to old.US_export_policy.jar.
Note: the
value of
JAVA_HOME can be found in the
administrative console at
Environment > WebSphere Variables.
- Use a file transfer utility to transfer the local_policy.jar and US_export_policy.jar that
you extracted from the zip file, to ${JAVA_HOME}/jre/lib/security on
the system where the distributed WebSphere Application Server Version
6.1.0 cell runs.
- Stop and restart the distributed WebSphere Application Server
Version 6.1.0 cell. Log into the administrative console and go to Security
> SSL certificate and key management > Key Stores and certificates.
- Go back to Step 19 in Importing RACF certificates to WebSphere Application Server and
continue.