Overview

Skill Level: Intermediate

Exercise caution when working on the WebSphere Admin Console

Step-by-step instructions to receive a signed certificate obtained from Certifying Authority (CA) against a Certificate Signing Request created in WAS. The screenshots included are from WAS 9.0.

Ingredients

WebSphere Application Server (the screenshots are from WAS v9.0).

A signed certificate from CA. To obtain such a certificate, please refer to my recipe https://developer.ibm.com/recipes/tutorials/certificate-signing-request-csr-creation-in-websphere-application-server-was/

 

Step-by-step

  1. Login into WAS Admin Console

    Login into WAS Admin Console: https://<WAS_ADMIN_HOST>:<WAS_ADMIN_PORT>/ibm/console

    1-1

  2. Navigate to certificate configuration section

    Go to Security (Left Nav) -> SSL certificate and key management and click on Key stores and certificates link.

    2-1

  3. Select the KeyStore

    Click on NodeDefaultKeyStore.

    3-1

  4. Navigate to Personal certificates section

    Click on Personal certificates.

    4-1

  5. Start receipt of certificate

    Click on Receive from a certificate authority.

    5-1

  6. Provide the certificate details

    Provide the SSL certificate path. Click on Apply.

    Make sure the .crt file received from CA is copied to WAS machine for e.g. /opt/IBM/WebSphere/Profiles/DefaultAppSrv01/etc/xxxssl.crt

    6-2

  7. The new certificate will get added. Click on Save.

  8. Check the certificate details

    The certificate details can be seen as below

    8-4

  9. Restart the server

    Server restart is mandatory to get the certificate in effect.

Join The Discussion