ACert tool checks SSL certificates for expiration dates
 Downloadable files
 
Abstract
A command-line tool checks expiration dates of all SSL certificates defined in WebSphere® Application Server SSL repositories.
 
Download Description
ACert is a command-line tool that checks the WebSphere Application Server expiration dates of all SSL certificates defined in Application Server SSL repertoires. The expiration dates of each certificate are displayed.

Checking SSL certificates can help avoid application failures due to expired SSL certificates used for authentication within the Application Server and secure communications between the Application Server and the plug-in running within a Web server.

ACert does not check the WebSphere truststore for expired certificates, only SSL certificates that are defined in SSL repertoires.

History:
  • 10 July 2005: Updated to reflect support for V6.0
  • 13 April 2005: Updated Windows® image to resolve usage issues
  • 14 March 2005: Provided Windows, UNIX® and iSeries® unique images to simplify installation
  • 10 March 2005: Revised installation instructions
  • 31 March 2004: Created
 
Prerequisites
WebSphere Application Server V5.0, V5.1 or V6.0 installation.
 
 
Installation Instructions
To install ACert on Windows (WebSphere 5.x), unzip the file into the root directory of the WebSphere Application Server to be checked:

  • For WebSphere Application Server base, unzip ACert.zip into the install_root directory. For example, c:\WebSphere\AppServer
  • For Network Deployment, unzip into the Network Deployment nd_install_root directory.
  • If there is any possibility that different certificates have been installed in other nodes, or if you are not sure whether unique certificates will be installed on some nodes, unzip ACert into those nodes as well.

Instructions for "Using JAR to open WebSphere Fix Pack zip files" are below.

To launch the tool on Microsoft® Windows® (WebSphere 5.x):

  1. Open a command window.
  2. Change directory to install_root\bin . If you are running ACert in a Network Deployment environment, change to the nd_install_root\bin directory.
  3. Type launchacert.bat and press Enter.
  4. Note: In previous versions of ACert, a mistake in the bat file prevented it from launching correctly, particularly if WebSphere installed in a directory containing blanks in the directory name (such as Program Files). The phrase com.ibm.ws.bootstrap.WSLauncher ACert %"WAS_HOME"% or com.ibm.ws.bootstrap.WSLauncher ACert %WAS_HOME% should read,com.ibm.ws.bootstrap.WSLauncher ACert "%WAS_HOME%"
  5. On Windows®, be sure to execute launchACert.bat. launchACert (no file extension) is a launch script for AS/400.


To install ACert on Windows (WebSphere 6.x), unzip the file into the profile directory of the profile to be checked:

  • For example, c:\WebSphere\AppServer\profiles\dmgr
  • If there is any possibility that different certificates have been installed in other profiles or other nodes, or if you are not sure whether unique certificates will be installed on some nodes, unzip ACert into those nodes or profiles as well.


Instructions for "Using JAR to open WebSphere Fix Pack zip files" are below.

To launch the tool on Microsoft® Windows® (WebSphere 6.x):

  1. Open a command window.
  2. Change directory to install_root\profiles\profile_namebin .
  3. Type launchacert.bat and press Enter.
  4. Note: In previous versions of ACert, a mistake in the bat file prevented it from launching correctly, particularly if WebSphere installed in a directory containing blanks in the directory name (such as Program Files). The phrase com.ibm.ws.bootstrap.WSLauncher ACert %"WAS_HOME"% or com.ibm.ws.bootstrap.WSLauncher ACert %WAS_HOME% should read,com.ibm.ws.bootstrap.WSLauncher ACert "%WAS_HOME%"
  5. On Windows®, be sure to execute launchACert.bat. launchACert (no file extension) is a launch script for AS/400.


To install ACert on UNIX (WebSphere 5.x), unjar the file into the root directory of the WebSphere Application Server to be checked:

  • For WebSphere Application Server base, copy the jar file ACertUnixWAS5.jar into the install_root directory, such as /usr/WebSphere/AppServer, then
  • Unjar using the jar -xvf ACertUnixWAS5.jar command.
  • For Network Deployment, unjar into the Network Deployment nd_install_root directory.
  • If there is any possibility that different certificates have been installed in other nodes, or if you are not sure whether unique certificates will be installed on some nodes, unjar ACertUnixWAS5.jar into those nodes as well.


To install ACert on UNIX (WebSphere 6.x), unjar the file into the profile directory of the WebSphere Application Server to be checked:

  • For example, copy the jar file ACertUnixWAS6.jar into /usr/WebSphere/AppServer/profiles/dmgr, then
  • Unjar using the jar -xvf ACertUnixWAS6.jar command.
  • If there is any possibility that different certificates have been installed in other nodes or profiles, or if you are not sure whether unique certificates will be installed on some nodes, unjar ACertUnixWAS6.jar into those nodes or profiles as well.


To launch ACert on UNIX® (WebSphere 5.x):

  1. Open a shell window.
  2. Change directory to install_root/bin. If you are running ACert in a Network Deployment environment, change to the nd_install_root/bin directory.
  3. Make the script executable using chmod +x launchACert.sh,
  4. Type ./launchACert.sh and press Enter.


To launch ACert on UNIX® (WebSphere 6.x):

  1. Open a shell window.
  2. Change directory to install_root/profiles/profile_namebin. If you are running ACert in a Network Deployment environment, change to the nd_install_root/bin directory.
  3. Make the script executable using chmod +x launchACert.sh,
  4. Type ./launchACert.sh and press Enter.


To launch ACert on iSeries®:

  1. Open a shell window.
  2. Unjar the contents of the ACertISeries.jar file to /QIBM/ProdData/WebAS5/Base. This will result in the ACert class file going under the classes subdirectory and the UNIX, windows and iSeries scripts being placed in the bin subdirectory.
  3. (Optional) Customer can delete /QIBM/ProdData/WebAS5/Base/bin/launchACert.sh and launchACert.bat files.
  4. Enter the QShell environment by typing STRQSH on an OS/400 command line and press Enter.
  5. Type cd /QIBM/ProdData/WebAS5/Base/bin and press Enter.
  6. Type launchACert -instance myinst and press Enter.

 
URL LANGUAGE SIZE(Bytes)
Using JAR to open WebSphere Fix Pack zip files US English 100000
 
Download package
What is DD?
Download RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
acertiseries.jar 10/30/2006 US English 14528 FTP DD
acertunixwas5.jar 10/30/2006 US English 14819 FTP DD
acertunixwas6.jar 10/30/2006 US English 15126 FTP DD
acertwindowswas5.zip 10/30/2006 US English 14633 FTP DD
acertwindowswas6.zip 10/30/2006 US English 14638 FTP DD
 
Technical support
1-800-IBM-SERV (US calls only)
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 6.0
Software edition:
Reference #: 4006797
IBM Group: Software Group
Modified date: Jul 11, 2005