It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Guidelines | FAQ
Follow this question
Question details

×7,461
×6,109

question asked: Jul 02 '15, 5:11 a.m.
question was seen: 8,186 times
last updated: Sep 22 '15, 12:38 a.m.

Related questions

How to request and configure an SSL cerificate for CLM 501 running Apache Tomcat

0
anoop mc (74811200221) | asked Jul 02 '15, 5:11 a.m.
 Hi,

Currently we are in the process of migrating the existing CLM 501 environment on to a new hardware.

In the current server we noticed that in the directory - C:\Program Files\IBM\JazzTeamServer\server\tomcat

There is a file - ibm-team-ssl.keystore  that come along with the installation

Also noticed two new files -    Look like these files are obtained from the self signed certificate authority 

abc-team-ssl.jks and abc-team-ssl.jks.qer

What we are trying to find out is -  Do we need to generate some files from Apache Tomcat and sent to Identity Management Team for getting it signed.

Note: In websphere there is way we can generate a file then sent it to the identity management team and import the signed certificate back into WAS. Following this way can get pass the browser exception error.

apache_cert




11 answers

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
anoop mc (74811200221) | answered Sep 22 '15, 12:38 a.m.
Hi Team,

Finally I only figured out based on my testing against staging server.

Note that we would need separate certificate (Signed by CA) for each application server.

The process go as below

1. Hope you have received signed certificate back from your CA keep it in a folder.

2. Launch the ikeyman.exe tool and open the key.jks file by typing the password given at the time of creation.

3.In the certificate folder where you have stored the signed certificates received from CA you will find one with the host name. 

4. Under personal certificate option from ikeyman click on Receive and choose only the hostname one.

open_key

4. The next step would be to choose option Signer Certificate from the drop down and Click on ADD to add all the certificate including the first one.

open_key_file1



5. Now if you verify the key.jks file size which might have increased. 

6.  The final step would be is to edit the server.xml file and replace the default key - ibm-team-ssl.keystore with .jks file and the password.

7. Restart the tomcat services will help you to get rid of security exception in webbrowser.




Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.