You can use the Jython or Jacl scripting languages to configure security with the wsadmin tool. The commands and parameters in the SignerCertificateCommands group can be used to create and modify signer certificates in relation to the key store file and to query for signer information on ports of remote hosts.
The addSignerCertificate command add a signer certificate from a certificate file to a keystore.
Target object
None.Required parameters
Optional parameters
Example output
The command does not return output.Examples
Batch mode example usage:
$AdminTask addSignerCertificate {-keyStoreName testKeyStore -certificateAlias default -certificateFilePath <file path> -base64Encoded true}
AdminTask.addSignerCertificate('[-keyStoreName testKeyStore -certificateAlias default -certificateFilePath <file path> -base64Encoded true]')
AdminTask.addSignerCertificate(['-keyStoreName', 'testKeyStore', '-certificateAlias', 'default', '-certificateFilePath', '<file path>', '-base64Encoded', 'true'])
Interactive mode example usage:
$AdminTask addSignerCertificate {-interactive}
AdminTask.addSignerCertificate ('[-interactive]')
The deleteSignerCertificate command delete a signer certificate from a certificate file from a keystore.
Target object
None.Required parameters
Optional parameters
Example output
The command does not return output.Examples
Batch mode example usage:
$AdminTask deleteSignerCertificate {-keyStoreName testKeyStore -certificateAlias default}
AdminTask.deleteSignerCertificate('[-keyStoreName testKeyStore -certificateAlias default]')
AdminTask.deleteSignerCertificate(['-keyStoreName', 'testKeyStore', '-certificateAlias', 'default'])
Interactive mode example usage:
$AdminTask deleteSignerCertificate {-interactive}
AdminTask.deleteSignerCertificate ('[-interactive]')
The extractSignerCertificate command extracts a signer certificate from a key store to a file.
Target object
None
Parameters and return values
Examples
Interactive mode example usage:
$AdminTask extractSignerCertificate {-interactive}
AdminTask.extractSignerCertificate ('[-interactive]')
AdminTask.extractSignerCertificate (['-interactive'])
The getSignerCertificate command obtains information about a signer certificate from a key store.
Target object
None
Parameters and return values
Examples
Interactive mode example usage:
$AdminTask getSignerCertificate {-interactive}
AdminTask.getSignerCertificate ('[-interactive]')
AdminTask.getSignerCertificate (['-interactive'])
The listSignerCertificates command lists all signer certificates in a particular key store.
Target object
None
Parameters and return values
Examples
Interactive mode example usage:
$AdminTask listSignerCertificates {-interactive}
AdminTask.listSignerCertificates ('[-interactive]')
AdminTask.listSignerCertificates (['-interactive'])
The retrieveSignerFromPort command retrieves a signer from a remote host and stores the signer in a key store. The command will retrieve the root certificate information from the certificate chain on the port. To retrieve the leaf certificate users can set the security customer property com.ibm.websphere.ssl.retrieveLeafCert to true
Target object
None
Parameters and return values
Examples
Batch mode example usage:
$AdminTask retrieveSignerFromPort {-host serverHost -port 443 -keyStoreName testKeyStore -certificateAlias serverHostSigner}
AdminTask.retrieveSignerFromPort ('[-host serverHost -port 443 -keyStoreName testKeyStore -certificateAlias serverHostSigner]')
AdminTask.retrieveSignerFromPort (['-host', 'serverHost', '-port', '443', '-keyStoreName', 'testKeyStore', '-certificateAlias', 'serverHostSigner'])
Interactive mode example usage:
$AdminTask retrieveSignerFromPort {-interactive}
AdminTask.retrieveSignerFromPort ('[-interactive]')
AdminTask.retrieveSignerFromPort (['-interactive'])
The retrieveSignerInfoFromPort command retrieves signer information from a port on a remote host. The command will retrieve the root certificate information from the certificate chain on the port. To retrieve the leaf certificate users can set the security customer property com.ibm.websphere.ssl.retrieveLeafCert to true
Target object
None
Parameters and return values
Examples
Interactive mode example usage:
$AdminTask retrieveSignerInfoFromPort {-interactive}
AdminTask.retrieveSignerInfoFromPort ('[-interactive]')
AdminTask.retrieveSignerInfoFromPort (['-interactive'])