After you obtain the client SSL
certificate, you must deploy the certificate to the Content Platform Engine server.
Procedure
- Copy the server.crt file to a folder on the Content Platform Engine server. For example, copy the file to the C:\IBM\keystore or the
/IBM/keystore directory.
- Configure WebLogic to use the Java standard trust as its default trust keystore.
- Log in to the WebLogic administrative console.
- Navigate to .
- Click the Configuration tab.
- Click the Keystores tab.
- For the Keystores list, click
Change.
- Select the Custom Identity and Java Standard Trust
option.
- Click Save.
- In the Keystores tab, note the value for Java
Standard Trust Keystore, such as
drive:/bea/jdk160_21/jre/lib/security/cacerts.
- On the Content Platform Engine server, import the client SSL
certificate into the truststore by using the following command:
keytool -import -alias myserver -file mypath/server.crt
-keystore drive:/bea/jdk160_21/jre/lib/security/cacerts -storepass password
myserver is the alias for the certificate
mypath/server.crt is the path to the certificate file
drive:/bea/jdk160_21/jre/lib/security/cacerts is the path to the
truststore
password is the truststore password
- Verify that the certificate was added to the truststore by using the following
command:
keytool -list -v -alias myserver
-keystore drive:/bea/jdk160_21/jre/lib/security/cacerts -storepass password
- Modify the WebLogic start-up script to add the following JVM argument to the Java
command line:
-DUseSunHttpHandler=true
- Restart the server.