To replace default Secure Socket Layer (SSL) certificates in an entire cell, you must create a new self-signed root certificate in the root keystore, DmgrDefaultRootStore, and replace the old root certificate with the new one.
For the default certificate of the cell in CellDefaultKeyStore and the default certificate of each node in NodeDefaultKeyStore, create a new chained certificate and replace the old default certificate with the new certificate.
The root certificate is created by default on WebSphere® Application Server, and has a subjectDN in the form cn=<hostname>, ou=Root Certificate, ou=<cell name>, ou=<node name>, o=ibm, c=us. When you create a new root certificate you can also customize the subject DN.
To create a new SSL root certificate in the administrative console:
You can also replace default certificates in a node. Read Creating a new SSL certificate to replace an existing one in a node for more information
In this information ...Related reference
| IBM Redbooks, demos, education, and more(Index) |