Creating SSL key files and certificates for Linux
The IBM WebSphere Application
Server provides the ikeyman utility that manages Secure Sockets Layer (SSL)
key files and certificates. For secure communication, you must create server
key files with personal certificates. This procedure is only
necessary if you chose to defer generating the SSL files and certificates
during the MDM installation.
Steps
The Multiple Device Manager installation program
gives you the option to defer creating the SSL certificate files until after
the installation completes. If you selected that option during the installation,
you will need to follow this procedure to create the files manually.
- Launch the ikeyman utility:
- Type the following command:
<WAS-destination-directory>/WebSphere/AppServer/bin/ikeyman.sh
where <WAS-destination-directory> is the directory where the WebSphere Application
Server is installed on your system.
- Create the server SSL key file and certificate:
- Open the ikeyman utility and create a new JKS (Java Key Store) key file.
- Name the file: MDMServerKeyFile.jks
- Keep a record of all the passwords for these keys.
- Click Signer Certificates, and delete all of the
JKS key files listed.
- Click Personal Certificates, and then create a new
self-signed certificate.
- Enter the appropriate information for the new certificate. It is best
to include as much information as you can.
- Create the server SSL trust file and certificate:
- Open the ikeyman utility and create a new JKS key file.
- Name the file: MDMServerTrustFile.jks
- Keep a record of all the passwords for these keys.
- Click Signer Certificates and delete all of the
JKS key files listed.