Installation Instructions for IBM WebSphere Server using IKeyman GUI

Solution ID:    SO16542    Updated:    09/15/2016

Solution


This document provides instructions for installing RapidSSL Certificates for IMB Websphere using the IKEYMAN GUI. If you are unable to use these instructions for your server, RapidSSL recommends that you contact IBM. 

NOTE: The Intermediate CA certificate and your SSL certificate must be imported into same key file from which the certificate request was generated. IKEYMAN gives errors when you try to import the RapidSSL certificate into a key file that does not contain the certificate request.
 
NOTE: To install the RapidSSL Certificate by using the iKeycmd command line, follow the steps from this link
 

Step 1: Obtain the RapidSSL certificate and intermediate CA certificate

    1.    The RapidSSL certificate download link will be sent by email.

    2.    Download and extract the certificate zip file from the email. 

           NOTE: Click here for steps to download the RapidSSL certificate.

     If the intermediate was not obtained with the certificate you can download the Intermediate CA certificate from this link


Step 2: Install RapidSSL Intermediate CA Certificate

    1.    Start the key management utility (iKeyman):

           On Windows: Go to the start UI and select Start Key Management Utility

           On AIX, Linux or Solaris: Type ikeyman on the command line
 
    2.    Open the key database file that was used to create the certificate request. 
    3.    Enter the password, then click OK. 
    4.    Select Signer Certificates, then click Add
    5.    Click Data Type and select a data type, such as Base64-encoded ASCII data. 

           NOTE: This data type must match the data type of the importing certificate. 

    6.    Enter a file name and location for intermediate_ca.cer digital certificate or click Browse to select a file name and location. 
    7.    Click OK. 
    8.    Enter a label for importing certificate, for example: Intermediate CA
    9.    Click OK
  10.    The Signer Certificates field displays the label of the signer certificate you added.


Step 4: Install the SSL certificate 

    1.    Start the key management utility (iKeyman): 

           On Windows: Go to the start UI and select Start Key Management Utility

           On AIX, Linux or Solaris: Type ikeyman on the command line
 
    2.    Choose Open from the Key Database File menu. Click Key database type, and select CMS
    3.    Click Browse to navigate to the directory containing the key database files.  
    4.    Select the key database file to which you want to add the certificate. For example, key.kdb.  
    5.    Click Open 
    6.    In the Password Prompt window, type the password you set when you created the key database
    7.    Click OK
    8.    Select the Personal Certificates view. 
    9.    Click Receive 
  10.    In the Receive certificate from a file window, select the data type of the new SSL certificate. For example, Base64-encoded ASCII
  11.    Click Browse to select the name and location of the certificate file name. 
  12.    Click OK   


Step 5: Transfer Certificates

    1.    To extract an SSL certificate from a key database file and store it in a CA key ring file, start the iKeyman graphical user interface.
    2.    Run following command:

           On Windows: strmqikm

           On UNIX: gsk7ikm

    3.    Choose Open from the Key Database File menu. Click Key database type, and select CMS.
    4.    Click Browse to navigate to the directory containing the key database files.
    5.    Select the key database file to which you want to add the certificate. For example, key.kdb.
    6.    Click Open.
    7.    In the Password Prompt window, type the password you set when you created the key database.
    8.    Click OK.
    9.    Select Signer Certificates in the Key database content field, and then select the certificate you want to extract.
  10.    Click Extract
  11.    Select the Data type of the certificate. For example, Base64-encoded ASCII.
  12.    Click Browse to select the name and location of the certificate file name. 
  13.    Click OK. The certificate is written to the file you specified.

Verify your installation with the RapidSSL CryptoReport.

IBM Support

            For more information, contact IBM
 

 

Legacy ID

vs29600

Disclaimer:

RapidSSL has made efforts to ensure the accuracy and completeness of the information in this document. However, RapidSSL makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. RapidSSL assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document.  Further, RapidSSL assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. RapidSSL reserves the right to make changes to any information herein without further notice.

Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Knowledge Center


Search Tips