Creating SSL certificates from the command prompt

You can use the securityUtility command to create a default SSL certificate for use by the Liberty profile configuration.

Procedure

  1. Open a command prompt, then change directory to the wlp/bin directory.
  2. Create an SSL certificate.
    Run the following command. If you do not specify a server name or a password, the command does not run. See Liberty profile: securityUtility command.
    securityUtility createSSLCertificate --server=server_name --password=your_password

Results

You have created a default keystore key.jks for the specified server. The keystore file is located under the /resources/security directory of the specified server. If a default keystore already exists, the command does not execute successfully.

What to do next

You can configure your server to use the keystore and enable the SSL in the server configuration by adding the following lines to the server configuration file:
    <featureManager>
        <feature>ssl-1.0</feature>
    </featureManager>

    <keyStore id="defaultKeyStore" password="keystore_password" /> 
See Enabling SSL communication for the Liberty profile.

Icon that indicates the type of topic Task topic

Terms and conditions for information centers | Feedback


Timestamp icon Last updated: Monday, 21 April 2014
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-base-iseries&topic=twlp_sec_create_certificate
File name: twlp_sec_create_certificate.html