The IBM® Sametime® servers that run
on IBM WebSphere® Application Server install with
SSL enabled, using a self-signed certificate from IBM. If you want to use a different certificate,
you can import it into the keystore yourself.
Before you begin
Request a signed certificate from a Certificate Authority
and copy the certificate file to the server where you will install
the certificate.
About this task
This procedure applies only to Sametime product servers
running on WebSphere Application
Server.
Procedure
- On the Sametime product
server, log in to the WebSphere Integrated
Solutions Console as the WebSphere administrator.
- Click .
- On the SSL certificate and key management page,
look in the "Configuration settings" section and click Manage
endpoint security configurations.
- On the Manage endpoint security configurations page,
select the scope to which the certificate will apply. Apply the certificate
to both the inbound and outbound nodes. If all of the servers on
the node are using the same certificates, apply the certificate to
the node. If all servers on the node are not using the same certificate,
apply the certificate at the server level.
- On the SSL configuration page for the selected node, look
in the "Related Items" section and click Key stores and
certificates.
- On the Key stores and certificates page,
click the name of the keystore where you want to import the certificate.
If the certificate is used across multiple nodes in the cell, install
the certificate into the CellDefaultKeyStore. If you are installing
the certificate into a standalone server, select NodeDefaultKeyStore.
For example, the Sametime Video
Manager is a standalone server, therefore, you add the certificate
to the NodeDefaultKeyStore for the Video Manager.
In
other words, if the certificate is used by multiple Sametime servers which are
part of the same WebSphere cell
(for example, Sametime Meetings, Sametime Proxy, Sametime Advanced), or in
cases where there are WebSphere Proxies
using the same fully qualified domain name, install the certificate
into the CellDefaultKeyStore.
- On the configuration page for the selected keystore, look
under "Additional Properties" and click Signer certificates.
- On the Signer certificates page, click Add.
- Type an alias for the certificate.
- Type a path and file name where you stored the certificate
file, and select Base64-encoded ASCII data as
the data type.
- Click OK.
- Click the Save link in the "Messages"
box at the beginning of the page.
- Restart WebSphere Application
Server.