Monday, 25 January 2021

Import SSL from the External Secured URL into Websphere Trust Store | WebSphere

To use the External Services in Maximo, or to integrate with an external system like MS Outlook 365, BIM by Autodesk Revit, or GIS, or any web/rest service. 

All famous browser generally trusts almost all known Certificate Authorities (Digicert, Google Trust Services and so on.) 

But when it comes to Websphere, it doesn't work. Only the Administrator specifically instructs WebSphere to trust by importing the certificate into the Trust Store either at the Cell level or Node level.


Let's instruct Websphere to import a Gmail certificate

  1. Webspher > Security > SSL Certificates and Key management > Key stores and certificates> select  CellDefaultTrustStore(if cluster) / NodeDefaultTrustStore
  2. Then Click Signer certificates > Click on Retrieve from port
    • Host: hosturl i.e google.com
    • port :  443
    • Alias: any name, i.e gmail
  3. press Retrieve signer information (retrieved signer information is displayed)
  4. hit Apply and OK. 
  5. restart cell manger service, nodeservice to take effect. 
  6. done. 

----------------
errors we commonly see if a trust store is missing:

  • PKIX path building failed: java.security.certi.CertPathBuilderException:
  • PKIXCertPathBuilderImpl could not build a valid CertPath.
  • Certificate issued is not trusted
  • BMXAA1477E - the connection failed to the HTTP handler for the endpoint. 
  • etc


1 comment:

  1. Ssl certificate - Buy SSL in Singapore - Digital Certificate Authority SSL Certificates. IT Solution Singapore assist you in providing compliance services in purchasing.

    ReplyDelete