IBM FileNet P8, Version 5.2.1            

Deploying a client SSL certificate on WebLogic

After you obtain the client SSL certificate, you must deploy the certificate to the Content Platform Engine server.

Procedure

  1. Copy the server.crt file to a folder on the Content Platform Engine server. For example, copy the file to the C:\IBM\keystore or the /IBM/keystore directory.
  2. Configure WebLogic to use the Java standard trust as its default trust keystore.
    1. Log in to the WebLogic administrative console.
    2. Navigate to Environment > Servers > server name.
    1. Click the Configuration tab.
    2. Click the Keystores tab.
    3. For the Keystores list, click Change.
    4. Select the Custom Identity and Java Standard Trust option.
    5. Click Save.
    6. In the Keystores tab, note the value for Java Standard Trust Keystore, such as drive:/bea/jdk160_21/jre/lib/security/cacerts.
  3. On the Content Platform Engine server, import the client SSL certificate into the truststore by using the following command:
    keytool -import -alias myserver -file mypath/server.crt
     -keystore drive:/bea/jdk160_21/jre/lib/security/cacerts -storepass password

    myserver is the alias for the certificate

    mypath/server.crt is the path to the certificate file

    drive:/bea/jdk160_21/jre/lib/security/cacerts is the path to the truststore

    password is the truststore password

  4. Verify that the certificate was added to the truststore by using the following command:
    keytool -list -v -alias myserver
     -keystore drive:/bea/jdk160_21/jre/lib/security/cacerts -storepass password
  5. Modify the WebLogic start-up script to add the following JVM argument to the Java command line:
    -DUseSunHttpHandler=true
  6. Restart the server.


Last updated: March 2016
p8pcc357.htm

© Copyright IBM Corporation 2016.