FileNet P8 Content Search Engine, Version 5.2.1       Application server:  WebLogic Application Server   Operating systems:  AIX, Linux, Linux on System z, Solaris, Windows

Deploying a third-party certificate on the Content Platform Engine server (WebLogic Server)

To secure the Content Platform Engine server end of the communication with another server, you need to deploy the third-party certificate that you generated on the other server into the keystore on the Content Platform Engine server.

Procedure

To deploy a third-party certificate on Content Platform Engine:

  1. Download a CA certificate from the certificate authority (CA) website and save it as cssThirdPartyCA.cer in any folder on the Content Platform Engine server, such as C:\IBM\cssKeystore.
  2. From the command line on the Content Platform Engine server, navigate to the folder where you saved the cssThirdPartyCA.cer file.
  3. On the WebLogic Server application server where you deployed Content Platform Engine, determine the current configured trust keystore. For example, WebLogic Server might be configured to use DemoTrust (DemoTrust.jks) by default. (Note that Oracle does not recommend using DemoTrust in a production environment.)
  4. Deploy the cssThirdPartyCA.cer file to the keystore that you determined in the previous step by entering the following command. (If your keystore is not DemoTrust, or you are not running WebLogic 10.3 on a Windows platform, make the appropriate substitutions in the command.)
    keytool -import -alias YourThirdPartyAlias
    -keystore C:\Oracle\Middeleware\WLserver_10.3\
    server\lib\DemoTrust.jks -storepass YourStorePassword
    -file cssThirdPartyCA.cer
  5. Verify that the certificate was imported in the keystore by entering the following command:
    keytool -list -v -keystore thirdPartyServerStore -storepass YourStorePassword
  6. To perform SSL authentication, specify the following Java™ system parameters on the Content Platform Engine application server. For more information about adding Java system parameters, see your application server documentation. (If your keystore is not DemoTrust, or you are not using WebLogic 10.3 on a Windows platform, make the appropriate parameter substitution.)
    -Djavax.net.ssl.trustStore=C:\Oracle\Middleware\WLserver_10.3\
    server\lib\DemoTrust.jks
    
    -Djavax.net.ssl.trustStorePassword=YourStorePassword
  7. Restart the Content Platform Engine instances on the application server.


Last updated: October 2015
p8pup715.htm

© Copyright IBM Corporation 2013, 2015.