Follow these steps to configure SSL for use between Java clients running on a workstation and the WebSphere® Application Server for z/OS® Java Platform, Enterprise Edition (Java EE) server.
Procedure
- Determine what SSL repertoire the server is using. For example: WASKeyring.
- Determine the user ID the server is running. For
example: CBSYMSR1.
- Export the certificate authority from RACF®. For example:
RACDCERT CERTAUTH EXPORT(LABEL('WebSphereCA')) DSN('IBMUSER.WAS.CA') FORMAT(CERTDER)
- Move the file to the workstation. (Note that the FTP transfer
must use binary.) For example: \tmp directory
- Add the digital certificate to the TrustStore used by the
client. For example, for the DummyClientTrustFile.jks file,
type:
keytool -import -file \tmp\IBMUSER.WAS.CA -keystore DummyClientTrustFile.jks]