Professional Documents
Culture Documents
Replacing SSL Certificates Instructions
Replacing SSL Certificates Instructions
For WAS:
iv..Backup the key.p12 & trust.p12 on each of the nodes profile_root Ex:
/www/WebSphere7/AppServer/profiles/Appsrv/etc directories
i. In the Administrative Console, go to Security > SSL certificate and key management > Key stores and
certificates > CellDefaultKeyStore > Personal certificates > Create a self-signed certificate
Alias :
Common name :
Bit size :
Validity period :
Organization :
iii. Return to Security > SSL certificate and key management > Key stores and certificates >
CellDefaultKeyStore > Personal certificates
i. Go to SSL certificate and key management > Key stores and certificates.
iii. Select the certificate in CellDefaultKeyStore personal certificates created in previous step and click
Add
This step will need to be done for each node in the cell.
i. Go to Security > SSL certificate and key management > Manage endpoint security configurations.
ii. Under Inbound, click the link for the node, node_name (NodeDefaultSSLSettings,null).
Alias :
Common name :
Validity period :
Bit size :
Organization :
vi. Return to Security > SSL certificate and key management > Manage endpoint security configuration s,
click node_name (NodeDefaultSSLSettings,null), click Manage certificates.
This step will need to be done for each node in the cell.
i. Go to Security > SSL certificate and key management > Manage endpoint security configurations.
ii. Under Inbound, click the link for the node, node_name (NodeDefaultSSLSettings,null) and select Key
stores and certificates.
iii. Select NodeDefaultKeyStore and CellDefaultTrustStore and then Click Exchange signers.
iv. Select the certificate in NodeDefaultKeyStore personal certificates created in previous step and
click Add.
7. Repeat steps 5 and 6 for each node in the cell.
10. Start the nodeagents and application servers. They should now be fully synchronized with the new
certificates in place.
For IHS:
===================================================================
1) Take backup of httpd.conf file and key.kdb file from respective locations.
3) Choose Open from the Key Database File menu. Click Key database type, and select CMS.
4) Click Browse to navigate to the directory containing the key database files.
5) Select the key database file to which you want to add the certificate.
6) Click Open.
7) In the Password Prompt window, type the password you set when you created the key database and
then click OK.
8) Select the Personal Certificates view.