Configuring for SSL between an authentication client and an authentication server
You can secure communications by using the WebSphere® signer certificates to configure SSL between the authentication client and the authentication server.
About this task
To configure for SSL between the authentication client and the authentication server, follow these steps:
- In WebSphere, navigate to SSL certificate and key mgmt > Manage endpoint security configurations > Node1 > Key stores and certificates > NodeDefaultTrustStore > Signer certificates.
- Export the WebSphere signer certificates to files (for example, signer1.cert and signer2.cert).
- Create a truststore and import the WebSphere signer certificates as follows:
  C:\eWAS\java\bin>keytool -genkey -alias truststore -keystore truststore.jks
  C:\eWAS\java\bin>keytool -import -trustcacerts -alias default -file signer1.cert -keystore truststore.jks
  C:\eWAS\java\bin>keytool -import -trustcacerts -alias dummyserversigner -file signer2.cert -keystore truststore.jks
- Copy the truststore.jks to the Control Desk directory.
Include the truststore password and location in the $COLLATION_HOME/collation.properties entries:
com.collation.security.auth.ESSClientTrustStore=/dist/etc/truststore.jks
com.collation.security.auth.ESSClientTrustPwd=password
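A post-configuration check for the two collation.properties entries above, as an added example that is not part of the original documentation or the product. It assumes a POSIX host, treats the value `password` shown above as a placeholder, and uses a hypothetical `resolve` hook because how the product maps the property value to a file path is not stated on this page.

```python
import os, stat, tempfile

TRUST_KEY = "com.collation.security.auth.ESSClientTrustStore"
PWD_KEY = "com.collation.security.auth.ESSClientTrustPwd"

def load_properties(path):
    """Parse key=value lines; skip blanks and '#' / '!' comment lines."""
    props = {}
    with open(path, encoding="utf-8") as fh:
        for raw in fh:
            line = raw.strip()
            if line and line[0] not in "#!" and "=" in line:
                key, _, value = line.partition("=")
                props[key.strip()] = value.strip()
    return props

def audit(props_path, resolve=lambda p: p):
    """Return a list of findings; an empty list means every check passed.
    resolve() maps the property value to a filesystem path (assumption: identity)."""
    findings = []
    props = load_properties(props_path)
    for key in (TRUST_KEY, PWD_KEY):
        if not props.get(key):
            findings.append("missing or empty: " + key)
    if props.get(PWD_KEY) == "password":
        findings.append("truststore password is still the placeholder value")
    if store := props.get(TRUST_KEY):
        store_path = resolve(store)
        if not os.path.isfile(store_path):
            findings.append("truststore not found: " + store_path)
        elif os.stat(store_path).st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            # Anyone who can write this file can add a signer the client will trust.
            findings.append("truststore is writable by group or others")
    if os.stat(props_path).st_mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append("collation.properties (cleartext password) is readable by group or others")
    return findings

def make_sample(directory, password, store_mode, props_mode):
    # Constructed sample files for the demo (the .jks is empty, not a real keystore).
    store = os.path.join(directory, "truststore.jks")
    props = os.path.join(directory, "collation.properties")
    open(store, "wb").close()
    with open(props, "w", encoding="utf-8") as fh:
        fh.write("# constructed sample\n%s=%s\n%s=%s\n" % (TRUST_KEY, store, PWD_KEY, password))
    os.chmod(store, store_mode)
    os.chmod(props, props_mode)
    return props

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        print("\n".join(audit(make_sample(d, "password", 0o666, 0o644))))
```

To check a real installation, call `audit()` with the path to `$COLLATION_HOME/collation.properties` and a `resolve` function that matches how your installation locates the truststore.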