Community and Support
            Knowledge Base Applications Manager FAQ Application Servers WebSphere

            How to import certificates for monitoring Websphere Application Server with SSL authentication?

            Client certificate in .cer format

            1. Open the command prompt using 'Run as administrator' option and navigate to the Applications Manager installation directory.

            2. Import your trusted CA certificate(s) to AppManager_Home\working\jre\lib\security\cacerts

                  Navigate to AppManager_Home\working\jre\bin, execute following command

                  keytool -importcert -file [FILE PATH TO CERTIFICATE] -keystore [AppManager_Home\working\jre\lib\security\cacerts] -alias alias

                   Example:
                   keytool -importcert -file C:\myFiles\clientCertificate.cer -keystore AppManager_Home\working\jre\lib\security\cacerts -alias apmClient
                    ( if alias already exists, please give any other name as alias

            3. Restart Applications Manager 
            You need to replace AppManager_Home with actual directory path where AppManager is installed.
            Alternatively you can use KeyStore explorer. KeyStore Explorer is an open source GUI replacement for the Java command-line utilities like keytool.

            Client certificate in PKCS12 format:


            1. Open the command prompt using 'Run as administrator' option and navigate to the Applications Manager installation directory.

            2. Import your client certificate(s) to AppManager_Home\working\jre\lib\security\cacerts
                 
                 Navigate to AppManager_Home\working\jre\bin, execute following command

                      keytool -v -importkeystore -srckeystore [PATHTOCERTIFICATE] -srcstoretype PKCS12 -destkeystore             AppManager_Home\working\jre\lib\security\cacerts -deststoretype JKS

                        Enter destination keystore password: (by default it is changeit)
                          Enter source keystore password:
                          Entry for alias orakey successfully imported.

                  Example:
                    keytool -v -importkeystore -srckeystore C:\myFiles\clientCertificate.p12 -srcstoretype PKCS12 -destkeystore             AppManager_Home\working\jre\lib\security\cacerts -deststoretype JKS

            3. Restart Applications Manager

            You need to replace AppManager_Home with actual directory path where AppManager is installed.
            Restart of APM is required after loading the certificates.




            Updated: 08 Jan 2019 12:12 PM
            Helpful?  
            Help us to make this article better
            0 0