Replacing or renewing a certificate for an IBM® Sametime® Gateway
cluster is similar to importing it for the first time, but you also
replace the old certificate with the new one.
Before you begin
The keystore must contain the certificate request that was
created and sent to the Certificate Authority. Also, the keystore
must be able to access the certificate that is returned by the Certificate
Authority.Expected state: the deployment manager and the node agents
are started. The servers are stopped.
Note: WebSphere® Application Server creates the
certificate chain when the signed certificate is received. The chain
is constructed from the signer certificates that are in the keystore
at the time the certificate is received. Be sure to import all intermediate
certificates as signer certificates into the keystore before receiving
the CA-signed certificate.
Procedure
- Log in to the Integrated Solutions Console.
- Click .
- Click the keystore that you created
previously.
- Click Personal certificates.
- Click Receive a certificate from a certificate
authority.
- Type the full path and name of the certificate file generated
by the CA.
- Select the appropriate data from the list.
- Click Apply and Save.
- From the Integrated Solutions Console, click .
- Select the keystore that contains the new and old certificates.
- Select the old certificate and click Replace.
- Verify that the old certificate is listed in the Old
certificate field.
- Select the new certificate from the Replace
with list.
- Click OK and Save.
- Restart the Sametime Gateway
Server.
For a stand-alone server: the single Java™ process.
For a cluster
configuration: restart the DMGR, STGW servers, XMPP proxies, SIP Proxies.
You
do not need to restart the node agents.