IBM WebSphere Advanced Single Server Edition 4.0You will be receiving the following four files from comodo:
Intermediate CA UTNAddTrustServerCA.crt
Intermediate CA PositiveSSLCA.crt
Your Site / Server certificate.crt
Or You can download the Positive ssl Root and Intermediate files from
Before being able to enable SSL on WebSphere, you need to have your own certificate. This certificate can be a self-certificate for testing purpose but in any production case, you should have a certificate issued by a Trusted CA. The following steps describe how to get your own certificate and later how to configure WebSphere to use it.
Installing a certificate chain
Before you can add your certificate into the keystore, you must first include the certificates chain. You must install the following public certificates in the following order:
|Primary Server certificate (UTNAddTrustServerCA.crt)||PrimServer|
|Primary Server certificate (PositiveSSLCA.crt and )||PrimServer|
You can add the certificates chain from the Signer Certificates screen as shown below:
Click on the Add button. A dialog box will appear where you have to enter the data, the Certificate file name (the certificate file you received) and its location. Once all of this information is entered click on OK.
Installing your site certificateYou can import the site certificate into your keystore easily. After opening the IBM Key Management console, please select the option 'Personal Certificates' in the drop down within the 'Key Database Content' area as shown in the following screen:
Once you've selected 'Personal Certificates', please click on the 'Receive' button. A dialog box will appear in which you must enter the data required, the certificate file name (the certificate file you received) and its location. Once all of this information is entered click 'OK'. This will configure your keystore correctly.
Once your keystore has been successfully configured with your certificate, you can enable SSL in WebSphere Application Server.