Configuring SSL for Your Server

Use the command create-cert-request to generate a request and send the request to your CA. Later, when you receive the certificate from the CA you'll need to install it using install-cert command. If you have a key and a certificate in a Java keystore which you're looking to migrate, use the command migrate-jks-keycert. For a development/test server, the easiest way to get going is to generate a self-signed certificate using the command create-selfsigned-cert.

wadm> create-selfsigned-cert --server-name=hostname --nickname=MyServerCert 
--token=internal

Check the man pages for more options and examples.

With the certificate installed, you need a listener on some port which will have SSL enabled.

wadm> create-http-listener --user=admin --password-file=admin.pwd --host=serverhost 
--port=8989 --listener-port=18003 --config=config1 --server-name=config1.com 
--default-virtual-server-name=config1_vs_1 config1_ls_1

Now enable SSL for the listener and associate the listener with the nickname of the certificate.

wadm> set-ssl-prop --http-listener=http-listener-ssl enabled=true
wadm> set-ssl-prop --http-listener=http-listener-ssl server-cert-nickname=MyServerCert

After this setup, deploy the configuration and start the instance.

wadm> deploy-config config_name
wadm> start-instance --config config_name hostname