Configuring IBM Http server with SSL

Note:

The Default Password for keystore is changeit

1. Open the Standalone agent catalina.bat/sh file and note the java home path.

2. Open a command prompt as administrator and go to the java path which we configured in the catalina.bat/sh file.

3. Register the SSL certificate file in java using the below command

Syntax:

keytool -importcert -keystore "java_security_cacerts_path" -storepass changeit -file "certificate_path" -alias newname

Provide the "cacerts file path" in the "java_security_cacerts_path".

Provide the "certificate file path" in the "certificate_path".

Specify any name to identify the certificate in the "newname".

Example:

keytool -importcert -keystore "C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\cacerts" -storepass changeit -file "C:\Program Files\IBM\HTTPServer\cert.arm" -alias ibmhttpcer

4. After the successful execution, it will prompt for "Yes" or "No". Type "Yes" and press enter. The certificate will be registered successfully.

5. Add the IBM HTTP server with "Https" protocol in Applicare. But the Standalone agent will be using "Http" protocol.

Note:

For Real-time server_status
1. If we are using different java paths for Applicare server and agent then we need to register the certificate in both the Applicare server and Agent java path also.

2. Follow step 1 to 4 to register the certificate to java. In step 1 we need to open the Applicare server catalina.bat/sh file to find the applicare server java path and register the certificate in that java path and agent catalina.bat/sh file to find the agent java path and register the certificate in that java path.

To view the all installed certificates from java cacerts

a. Open command prompt and go to the path "$JAVA_HOME/jre/lib/security"

b. Enter the below command and press enter
keytool -list -keystore cacerts

c. Enter keystore password: changeit

To view the details of a particular certificate

a. Open command prompt and go to the path "$JAVA_HOME/jre/lib/security"

b. Enter the below command and press enter

Syntax:
keytool -printcert -v -file "certificate_path"

Example:
keytool -printcert -v -file "C:\Program Files\IBM\HTTPServer\cert.arm"

c. Enter keystore password: changeit

To delete the certificate from java cacerts.

a. Open command prompt and go to the path "$JAVA_HOME/jre/lib/security"

b. Enter the below command and press enter

Syntax:
keytool -delete -alias certificate-name -keystore "$JAVA_HOME/jre/lib/security/cacerts"

Example:
keytool -delete -alias mykey -keystore "C:\Program Files\Java\jdk1.8.0_181\jre\lib\security\cacerts"

c. Enter keystore password: changeit