Installation Instructions for IBM WebSphere HTTP Server running IKEYMAN

Solution ID:    SO9093    Updated:    09/16/2016


This document provides instructions for installing SSL Certificates for IMB HTTP Server using the IKEYMAN GUI. If you are unable to use these instructions for your server, RapidSSL recommends that you contact IBM. 

NOTE: Keep in mind that to successfully use the certificate sent by RapidSSL, the Intermediate CA certificate and your SSL certificate must be imported into same key file from which the certificate request was generated. IKEYMAN gives errors when you try to import the RapidSSL certificate into a key file that does not contain the certificate request. 

Step 1: Obtain the SSL certificate and intermediate CA certificate


    1.    The RapidSSL certificate download link will be sent by email.

    2.    Download and extract the certificate and intermediate from the zip file in the email.

           Note: The following links can be used to obtain the files if they are missing.

           Click here for steps to download the RapidSSL certificate.

           Download the Intermediate CA certificate from this link.

Step 2: Install RapidSSL Intermediate CA certificate

    1.    Start the key management utility (iKeyman):

           On Windows: Go to the start UI and select Start Key Management Utility

           On AIX, Linux or Solaris: Type ikeyman on the command line
    2.    Open the key database file that was used to create the certificate request. 
    3.    Enter the password, then click OK. 
    4.    Click on the "down arrow" to the right, to display a list of three choices.
    5.    Select Signer Certificates, then click Add
    6.    Click Data Type and select a data type, such as Base64-encoded ASCII data.
           Note:  This data type must match the data type of the importing certificate. 

    7.    Enter a file name and location for the intermediate_ca.cer digital certificate or click Browse to select
           a file name and location. 
    8.    Click OK. 
    9.    Enter a label for importing certificate, for example: Intermediate CA
  10.    Click OK
  11.    The Signer Certificates field displays the label of the signer certificate you added.

Step 3: Install the SSL Certificate 

    1.    Open the .kdb file using the iKeyman utility: 

           On Windows: Go to the start UI and select Start Key Management Utility

           On AIX, Linux or Solaris: Type ikeyman on the command line
    2.    In the middle of the iKeyman GUI you will see a section called Key database content
    3.    Click on the "down arrow" to the right, to display a list of three choices
    4.    Select Personal Certificates



    5.    From the Personal Certificates section, click Receive 


    6.    Data Type - leave the default of "Base64-encoded ASCII data"


    7.    Browse to the directory that contains the .cer or .arm file
    8.    Highlight the file and click Open.
    9.    Now click OK on this dialog box.


  10.    Verify your installation with the RapidSSL CryptoReport.

IBM Support

            For more information, refer to IBM documentation

Legacy ID



RapidSSL has made efforts to ensure the accuracy and completeness of the information in this document. However, RapidSSL makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. RapidSSL assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document.  Further, RapidSSL assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. RapidSSL reserves the right to make changes to any information herein without further notice.

Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Knowledge Center

Search Tips