You are on page 1of 2

SSL Certificate is normally created and assign to profile using the profile creation wizard.

WebSphere Application Server V8.5 configures and manages many of the SSL configurations
that are required to secure communication within a cell. Configures IBM HTTP Server for
inbound SSL. iKeyman is used to generate a new keystore and self-signed certificate. IBM HTTP
Server is then configured to support HTTPS communications by using the newly created
certificate.

Create a profile
To better understand the various pieces of SSL within the WebSphere Application Server
environment, a new custom profile is created.
__ 1. Restart the deployment manager.
__ a. From a terminal window, in the bin directory for the deployment manager, enter
the following command:
./startManager.sh
__ 2. Create a custom profile named SSL and federate it to the deployment manager.
__ a. Start the Profile management tool by issuing the following command in a terminal
window:
/opt/IBM/WebSphere/AppServer/bin/ProfileManagement/pmt.sh
__ b. The WebSphere Customization Toolbox window starts. Click Create on the right
to create a profile.
__ c. Select the Custom profile option and click Next.
__ d. On the Profile Creation Options page, select Advanced profile creation and
click Next.

__ c. Select the Custom profile option and click Next.


__ d. On the Profile Creation Options page, select Advanced profile creation and
click Next.

__ e. For the profile name and location, enter the following information:
- Profile name: SSL
- Profile directory: /opt/IBM/WebSphere/AppServer/profiles/SSL
Click Next.

f. On the Node and Host Names page, enter the following values:
- Node name: was85hostNode03
- Host name: was85host

Click Next.

g. On the Federation page, enter was85host for the deployment manager host
name. The default SOAP port (8879) is shown. Enter wasadmin for the security
User name and web1sphere for the Password. Be sure that the Federate this
node later option is not selected. The node is automatically federated to the cell
during creation.

h. Click Next.
__ i. On the next page, accept the defaults for creating the default personal certificate
and a new root signing certificate. Click Next.

j. On the next screen, which specifies the node certificate information, accept the
defaults and click Next. Make sure that you read the information block as it
explains the importance of these entries and how they relate to SSL.

__ k. Accept the default ports on the next page. Click Next.


__ l. On the summary page, click Create.
__ m. The profile creation is now complete; clear the check box for Launch the First
steps console and click Finish.