If you correctly entered the key file location, the type and the
password, then the cause of the error is likely that your server is not configured
to decrypt .p12 files.
To fix the error received when opening the .p12
file, you need to download a zip file containing two policy files. You then
rename the existing policy files in your distributed WebSphere Application
Server and add the two new ones. You then stop and restart the cell to pick
up the change.
- Start a browser session and go to URL: https://www6.software.ibm.com/dl/jcesdk/jcesdk-p
- Click Sign in.
- Enter your PartnerWorld®, developerWorks™, or IBM support id and password
and click Submit to sign in.
Note: If you don't have an id, there is
a link on the page to register to get one.
- Click the radio button next to Unrestricted JCE Policy files for SDK
1.4.2 to select it. Then click Continue.
- Review your contact information and correct (if necessary). Scroll down
and review the license agreement. Check I Agree if you agree.
- Then click I confirm to continue.
Important: Note the
warning about the restrictions your country may have on cryptographic software.
- To continue, click Download now.
- The file unrestrict142.zip will be downloaded. Save it
to disk.
- Click OK.
- Use any zip file utility to open unrestrict142.zip and
extract the two files it contains to disk.
- On the system where the distributed WebSphere Application Server Version
6.1.0 cell runs, go to ${JAVA_HOME}/jre/lib/security and
rename the files local_policy.jar to old.local_policy.jar and US_export_policy.jar to old.US_export_policy.jar.
Note: the value of
JAVA_HOME can be found
in the administrative console at
Environment > WebSphere Variables.
- Use a file transfer utility to transfer the local_policy.jar and US_export_policy.jar that
you extracted from the zip file, to ${JAVA_HOME}/jre/lib/security on
the system where the distributed WebSphere Application Server Version 6.1.0
cell runs.
- Stop and restart the distributed WebSphere Application Server Version
6.1.0 cell. Log into the administrative console and go to Security > SSL
certificate and key management > Key Stores and certificates.
- Go back to Step 19 in Importing RACF certificates to WebSphere Application Server and
continue.