You can create a self-signed certificate. WebSphere® Application
Server uses the certificate at runtime during the handshake protocol.
Self-signed certificates are located in the default keystore.
Before you begin
You must create a keystore before you can create a self-signed
certificate.
Alternative Method: To create
a self-signed certificate by using the wsadmin tool, use the createSelfSignedCertificate command
of the AdminTask object. For more information, see the PersonalCertificateCommands
command group for the AdminTask object article.
避免困難: Certificate aliases with embedded quotes in them
can cause issues when the runtime attempts to use them. Do not use
embedded quotes in a certificate alias.
gotcha
About this task
Complete the following steps in the administrative console:
Procedure
- Click Security > SSL certificate and key management >
Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration >
Key stores and certificates > [keystore ].
- From Additional Properties, click Personal certificates.
- Click Create a self-signed certificate.
- Type a certificate alias name. The alias identifies
the certificate request in the keystore.
- Type a common name (CN) value. This value is
the CN value in the certificate distinguished name (DN).
- Type the validity period The default validity
period value is 365 days.
- You can configure one or more of the following optional
values:
- Optional: Select a key size value. The
default key size value is 2048 bits.
- Optional: Type an organization value. This value is the O value in the certificate DN.
- Optional: Type an organizational unit value. This organizational unit value is the OU value in the certificate
DN.
- Optional: Type a locality value. This
locality value is the L value in the certificate DN.
- Optional: Type a state or providence value. This value is the ST value in the certificate DN.
- Optional: Type a zip code value. This
zip code value is the POSTALCODE value in the certificate DN.
- Optional: Select a country value from the
list. This country value is the C= value in the certificate
request DN.
- Click Apply.
Results
You have created a self-signed certificate that resides in
the keystore. The SSL configuration for the WebSphere Application
Server runtime uses this certificate for SSL communication. Extract
the signer of the self-signed certificate to add the signer to another
keystore.