Configuring Inbound SSL for the Console and Receiver
The WebSphere Business Integration Connect keystores are
preconfigured in WebSphere Application Server. This section applies
only if you are using different keystores.
To configure SSL for the Console and Receiver in Business Integration
Connect, use the following procedure.
- Obtain the following information:
- The full path names of the key file and the trust file; for
example for the Receiver:
WBIC_install_root/common/security/keystore/receiver.jks
and
WBIC_install_root/common/security/keystore/receiverTrust.jks
You must enter these names correctly. In the Unix environment,
these names are case-sensitive.
- The new passwords for each file.
- The format of each file. This must be chosen from one of the
values JKS, JCEK, or PKCS12. Enter this value in uppercase exactly
as shown.
- The path to the script file named bcgssl.jacl.
- Open a Community Console window and change to
/WBIC_install_root/receiver/was/bin
The server does not need to be running to change the passwords.
- Enter the following command, substituting the values that are
enclosed in <>. All values must be entered.
./wsadmin.sh -f /WBIC_install_root/receiver/
scripts/bcgssl.jacl -conntype NONE install
<keyFile pathname>
<keyFile password> <keyFile format> <trustFile pathname>
<trustFile password> <trustFile format>
- Start the server. If the server fails to start, it might be
because of an error when running bcgssl.jacl. If you make a mistake,
you can rerun the script to correct it.
- If you used bcgClientAuth.jacl to set the clientAuthentication
SSL property, reset it after using bcgssl.jacl. This is because
bcgssl.jacl overwrites any values that might have been set for clientAuthentication
with the value false.
Note: Repeat these steps for the Console, substituting console for receiver in
the path name.
