Setting up SSL on a single server
These procedures describe how to set up Secure Sockets Layer (SSL) on a single Sametime® Gateway Server for both SIP and XMPP communications.
Before you begin
About this task
To have a secure network connection, you will create a key for secure network communications and receive a certificate from a certificate authority (CA) that is designated as a trusted CA on your server.
WebSphere® Application Server uses the certificates that reside in keystores to establish trust for a SSL connection. WebSphere Application Server creates the key.p12 default keystore file and the trust.p12 default truststore file during profile creation.
A default, self-signed certificate is also created in the key.p12 file at this time. Do not use this self-signed or other self-signed certificate to connect to external communities.
Trial certificates are not publicly trusted and so cannot be used to test against public instant messaging providers such as AOL Instant Messenger™.
- Import the certificate authorities' public certificate used by each of the public or private external communities your Sametime Gateway Server will be communicating with.
- Request a CA-signed certificate, and then import the signed certificate that the CA provided in response. Before performing this step you might have to import intermediary certificates.
- Configure the WebSphere environment to make use of the imported keys.
A complete technical reference of how to setup up SSL on the WebSphere Application Server can be found in the WebSphere Application Server product documentation.