WebSphere Application Server - Express, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Managing digital certificates

Why and when to perform this task

Secure Sockets Layer (SSL) connections rely on the existence of digital certificates. A digital certificate reveals information about its owner, including their identity. During the initialization of an SSL connection, the server must present its certificate to the client for the client to determine the server identity. The client can also present the server with its own certificate for the server to determine the client identity. SSL is therefore, a means of propagating identity between components. Refer to Configuring Secure Sockets Layer and Creating a Secure Sockets Layer repertoire configuration entry.

A client can trust the contents of a certificate if that certificate is digitally signed by a trusted third party. A Certificate Authority (CA) acts as a trusted third party and signs certificates on the basis of its knowledge of the certificate requestor. Complete the following steps to manage digital certificates using either the key management utility (iKeyman) or the keytool utility:

Steps for this task (dependent on configuration)

What to do next

Setting up SSL communication between the Web browser and WebSphere Application Server. Using digital signatures, you can communicate securely from the Web browser through the Web server to WebSphere Application Server. Once you finish configuring security, perform the following steps to save, synchronize, and restart the servers:
  1. Click Save in the administrative console to save any modifications to the configuration.
  2. Synchronize the configuration with all node agents (Network Deployment only).
  3. Once synchronized, stop all servers and restart them.



Sub-topics
Starting the key management utility (iKeyman)
Creating a keystore file
Creating truststore files
Map certificates to users

Related concepts
Secure Sockets Layer

Related tasks
Configuring IBM HTTP Server for Secure Sockets Layer mutual authentication
Configuring the Web server plug-in for Secure Sockets Layer
Creating a Secure Sockets Layer repertoire configuration entry
Configuring Secure Sockets Layer

Task topic    

Terms of Use | Feedback

Last updated: Jun 8, 2005 12:45:23 PM EDT
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/ae/tsec_mngcert.html

© Copyright IBM Corporation 2002, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)