Installation Instructions for IBM WebSphere HTTP Server running IKEYMAN

Solution ID:    SO9093    Updated:    06/11/2015

Solution


This document provides instructions for installing SSL Certificates for IMB HTTP Server using the IKEYMAN GUI. If you are unable to use these instructions for your server, RapidSSL recommends that you contact IBM. 

NOTE: Keep in mind that to successfully use the certificate sent by RapidSSL, the Intermediate CA certificate and your SSL certificate must be imported into same key file from which the certificate request was generated. IKEYMAN gives errors when you try to import the RapidSSL certificate into a key file that does not contain the certificate request. 
 

Step 1: Download the RapidSSL Intermediate CA Certificate

    1.    Download the Intermediate CA certificate according to your SSL product from this link: INFO1548

           Note:  Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE 
           and that no white spaces, extra line breaks or additional characters have been inadvertently added.

    2.    Save the file as intermediate_ca.cer in a Notepad document.


Step 2: Install RapidSSL Intermediate CA Certificate

    1.    Start the key management utility (iKeyman):

           On Windows: Go to the start UI and select Start Key Management Utility

           On AIX, Linux or Solaris: Type ikeyman on the command line
 
    2.    Open the key database file that was used to create the certificate request. 
    3.    Enter the password, then click OK. 
    4.    Click on the "down arrow" to the right, to display a list of three choices.
    5.    Select Signer Certificates, then click Add
    6.    Click Data Type and select a data type, such as Base64-encoded ASCII data.
 
           Note:  This data type must match the data type of the importing certificate. 

    7.    Enter a file name and location for the intermediate_ca.cer digital certificate or click Browse to select
           a file name and location. 
    8.    Click OK. 
    9.    Enter a label for importing certificate, for example: Intermediate CA
  10.    Click OK
  11.    The Signer Certificates field displays the label of the signer certificate you added.


Step 3: Obtain the SSL Certificate

    1.    The RapidSSL certificate will be sent by email.
    2.    Copy the certificate imbedded in the body of the email and paste it into a text file
           using Vi or Notepad.

           The text file should look like:

            -----BEGIN CERTIFICATE-----

                      [encoded data]

            -----END CERTIFICATE-----

    3.    Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and
           that no white spaces, extra line breaks or additional characters have been inadvertently added.

           NOTE: The certificate can be also downloaded from the RapidSSL User Portal by
           following the steps from this link: SO16222

           Please select X.509 as a certificate format and copy only the End Entity Certificate.
 
    4.    Save the file with extansion .cer  or .arm


Step 4: Install the SSL Certificate 

    1.    Open the .kdb file using the iKeyman utility: 

           On Windows: Go to the start UI and select Start Key Management Utility

           On AIX, Linux or Solaris: Type ikeyman on the command line
 
    2.    In the middle of the iKeyman GUI you will see a section called Key database content
    3.    Click on the "down arrow" to the right, to display a list of three choices
    4.    Select Personal Certificates

          


 

    5.    From the Personal Certificates section, click Receive 

           
 

    6.    Data Type - leave the default of "Base64-encoded ASCII data"

           
 

    7.    Browse to the directory that contains the .cert or .arm file
    8.    Highlight the file and click Open.
    9.    Now click OK on this dialog box.

           
 

  10.    To verify if your certificate is installed correctly, use the RapidSSL Installation Checker
 

IBM Support

            For more information, refer to IBM documentation
  
 

Legacy ID

vs29600

Disclaimer:

RapidSSL has made efforts to ensure the accuracy and completeness of the information in this document. However, RapidSSL makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. RapidSSL assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document.  Further, RapidSSL assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. RapidSSL reserves the right to make changes to any information herein without further notice.

Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Knowledge Center


Search Tips