Recreate the keyfiles as follows:
- Use Ikeyman to create NewServerStorefile.jks with password.
- Create self-signed certificate (Personal Certificates).
- Extract certificate to cert.arm.
- Add cert.arm from Signer Certificates.
- Close NewServerStorefile.jks (saves automatically).
- Create a NewServerTrustfile.jks (use the same password you used
with NewServerStorefile.jks).
- Add cert.arm from Signer Certificates.
- Close the file.
- Repeat steps 6 and 7 for NewClientStorefile.jks and
NewClientTrustfile.jks.
- Enable security from the Security Center.
- Click Default SSL Configuration, then update the key file and
trust files with the NewServerTrustfile.jks and
NewServerTrustfile.jks complete with new passwords (all passwords
should be the same).
- Do not enable client authentication.
- Stop WebSphere Application Server to propagate the changes.
- Edit the sas.client.props file to point to the NewClientStorefile.jks
and to the NewClientTrustfile.jks complete with the new passwords.
Ensure that the securityEnabled parameter is set to true.
- Start WebSphere Application Server; the sas.server.props is updated
automatically.
Click this link to get more detailed information about using the ikeyman
tool.
|