Sun Java System Access Manager 7.1 Postinstallation Guide

ProcedureTo Configure a Secure WebSphere Instance

  1. Start, located in the Websphere /bin directory.

  2. From the Signer menu, import the certification authority’s (CA) certificate.

  3. From the Personal Certs menu, generate the CSR.

  4. Retrieve the certificate created in the previous step.

  5. Select Personal Certificates and import the server certificate.

  6. From the WebSphere console, change the default SSL settings and select the ciphers.

  7. Set the default IBM JSSE SSL provider.

  8. Enter the following command to import the Root CA certificate from the file you just created into application server JVM Keystore:

    $ appserver_root-dir/java/bin/ keytool -import -trustcacerts -alias cmscacert 
    -keystore ../jre/lib/security/cacerts -file 

    app-server-root-dir is the root directory for the application server and full_path_cacert_filename.txt is the full path to the file containing the certificate.

  9. In Access Manager, update the following parameters in to use JSSE:

  10. Configure Access Manager in SSL Mode. For more information, see Configuring Access Manager in SSL Mode.