The following configuration works with 4.0.3:
Serverkey.jks contains the self-signed certificate and can have
the signer certificate but is not necessary.
ServerTrustkey.jks needs to have the signer certificate for the
self signed certificate.
Clientkey.jks must NOT have the signer certificate, the file can
be empty.
ClientTrustkey.jks needs to have the signer certificate for the
self signed certificate.
There is more information on using the IKeyman Tool for creating self
signed certificates in the infocenter:
www.ibm.com/software/webservers/appserv/doc/v40/ae/infocenter/
Sections 5.5.6.2.& 5.5.6.2.1
|