Import a self-signed IBM ® HTTP Server certificate into the default trust store of IBM ® WebSphere ® Application Server.
Before you complete this procedure, ensure that IBM ® HTTP Server is configured to support encrypted connections as described in Configuring IBM ® HTTP Server for an encrypted connection .
This topic describes the procedure to configure certificates in a deployment with one web server.
If you select to configure the HTTP server during the IBM Connections installation, this task could be performed at that time instead of as a post-installation task. To establish trusted server-to-server communication for IBM ® Connections, import signer certificates from IBM ® HTTP Server into the WebSphere ® Application Server default trust store.
There are different types of certificates that you can use. This procedure describes how to import a self-signed certificate. You can also import a certificate that you purchased from a third-party Certificate Authority. To help decide a key file strategy for your environment, go the IBM ® HTTP Server knowledge center.
To import a public certificate from IBM ® HTTP Server to the default trust store in IBM ® WebSphere ® Application Server, complete the following steps:
Retrieve a certificate from another server:
If your configuration changes aren't successful, ensure that you have applied the instructions to configure a default personal certificate.
Verify that users can create a private community and add other widgets, such as Activities, Blogs, Dogear, and so on, to it. Ensure that there are no errors when these widgets are added. If problems are reported, consult the Communities SystemOut.log file.
The proxy-config.tpl file allows a proxy to work with self-signed certificates. This is true for an out-of-the-box deployment but for improved security you should set the value of the unsigned_ssl_certificate_support property to false when your deployment is ready for production.
Ensure that you are ready to renew your certificate before it expires. WebSphere ® Application Server provides a utility for monitoring certificates. For more information, refer to Configuring certificate expiration monitoring in the WebSphere ® Application Server information center.