Skill Level: Intermediate

Exercise caution when working on the WebSphere Admin Console

Step-by-step instructions to receive a signed certificate obtained from Certifying Authority (CA) against a Certificate Signing Request created in WAS. The screenshots included are from WAS 9.0.


WebSphere Application Server (the screenshots are from WAS v9.0).

A signed certificate from CA. To obtain such a certificate, please refer to my recipe https://developer.ibm.com/recipes/tutorials/certificate-signing-request-csr-creation-in-websphere-application-server-was/



  1. Login into WAS Admin Console

    Login into WAS Admin Console: https://<WAS_ADMIN_HOST>:<WAS_ADMIN_PORT>/ibm/console


  2. Navigate to certificate configuration section

    Go to Security (Left Nav) -> SSL certificate and key management and click on Key stores and certificates link.


  3. Select the KeyStore

    Click on NodeDefaultKeyStore.


  4. Navigate to Personal certificates section

    Click on Personal certificates.


  5. Start receipt of certificate

    Click on Receive from a certificate authority.


  6. Provide the certificate details

    Provide the SSL certificate path. Click on Apply.

    Make sure the .crt file received from CA is copied to WAS machine for e.g. /opt/IBM/WebSphere/Profiles/DefaultAppSrv01/etc/xxxssl.crt


  7. The new certificate will get added. Click on Save.

  8. Check the certificate details

    The certificate details can be seen as below


  9. Restart the server

    Server restart is mandatory to get the certificate in effect.

Join The Discussion