It's all about the answers!

Ask a question

How to config self signed certification in WAS for CLM?

Jia Jia Li (8057152192) | asked May 11 '15, 10:36 a.m.
User always get SSL error in browser and Eclipse client, I do not have the SSL Certification from CA. I think I can config self signed certification to get rid of the certification error.
But anyone can guide me for the self signed certification in WAS?

2 answers

permanent link
Kevin Ramer (4.5k8183200) | answered May 11 '15, 12:16 p.m.
Unless you get a certificate from a "recognized" authority, users will always receive browser warnings.   Browsers/rtc clients are complaining because WAS creates self-signed certificates when the profile is created ( and will update them as they expire ).  In order for clients to not warn about those self-signed certificates ALL clients must be configured to trust the (private) signer of that certificate.

To get CA signed certificates open the NodeDefaultKeyStore ( SSL certificate and key management > Key stores and certificates > NodeDefaultKeyStore ) Click on Personal Certificate Requests.  Click New, fill out the form and send the request file to CA.  Your CA will have (or should) instructions on how to get your certificate into the environment.

permanent link
Donald Nong (14.5k414) | answered May 11 '15, 9:16 p.m.
Another approach is to maintain your own CA (using openssl). There are plenty of tutorial on the net on this topic. Once _all_ the clients are configured to trust your own CA/signer, all certificates signed by this CA/signer will be accepted without complaints.

Your answer

Register or to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.