Creating SSL certificates from the command line

You can use the securityUtility command to create a default SSL certificate for use by the Liberty configuration.

Procedure

  1. Open a command line, then change directory to the wlp/bin directory.
  2. Create an SSL certificate.
    Run the following command. If you do not specify a server name or a password, the command does not run. See Liberty: securityUtility command.
    securityUtility createSSLCertificate --server=server_name --password=your_password

Results

You have created a default keystore key.jks for the specified server. The keystore file is located under the /resources/security directory of the specified server. If a default keystore already exists, the command does not execute successfully.

What to do next

You can configure your server to use the keystore and enable the SSL in the server configuration by adding the following lines to the server configuration file:
    <featureManager>
        <feature>ssl-1.0</feature>
    </featureManager>

    <keyStore id="defaultKeyStore" password="keystore_password" /> 
See Enabling SSL communication in Liberty.

Icon that indicates the type of topic Task topic

File name: twlp_sec_create_certificate.html