IBM FileNet P8, Version 5.2.1            

Deploying a client SSL certificate on JBoss

After you obtain the client SSL certificate, you must deploy the certificate to the Content Platform Engine server.

Procedure

  1. Locate the truststore that is used by the JBoss application server.
    You can search the JBoss start-up script for a JVM argument that contains javax.net.ssl.trustStore. For example:
    -c server_name -b 0.0.0.0 -Djavax.net.ssl.trustStore="JAVA_HOME/jre/lib/security/cacerts"

    If this JVM argument is not specified, then use the Java standard truststore for the Java VM that is used to start the JBoss server: JAVA_HOME/jre/lib/security/cacerts.

  2. Copy the certificate file that you obtained to a folder on the Content Platform Engine server. For example, copy the server.crt file to the C:\IBM\keystore or the /IBM/keystore directory.
  3. On the Content Platform Engine server, import the client SSL certificate into the truststore by using the following command:
    keytool -import -alias myserver -file mypath/server.crt
     -keystore JBOSS_HOME/server/server_name//conf/server.keystore -storepass password

    myserver is the alias for the certificate

    mypath/server.crt is the path to the certificate file

    JBOSS_HOME/server/server_name/conf/server.keystore is the path to the truststore

    password is the truststore password

  4. Verify that the certificate has been added to the truststore by using the following command:
    keytool -list -v -alias myserver
     -keystore JBOSS_HOME/server/server_name/conf/server.keystore -storepass password
  5. Restart the server.


Last updated: October 2015
p8pcc352.htm

© Copyright IBM Corporation 2015.