If you make SSL connections from a WebSphere Application Server based application the server (or rather the cell) needs to trust the certificate of the server you are connecting to. This is very easy to do in WAS and is easily done using the Integrated Solutions Console (ISC). The way to establish the trust is as follows:
- Log into the WebSphere Application Server Integrated Solutions Console (ISC)
- From the lefthand navigator select Security/SSL certificate and key management
- In the list of related items on the right click “Key stores and certificates”
- Click “CellDefaultTrustStore”
- In the list of “Additional properties” on the right click “Signer certificates”
- Click “Retrieve from port”
- Fill out the form with the hostname of the server and the SSL port (usually 443) of the you want WAS to trust. Also supply an alias to know the trust by in the list of trusted certificates.
- Click the “Retrieve signer information” button to validate the input and retrieve and trust the certificate
- Click OK and then save the changes to the master configuration.
Thanks for sharing Mikkel. Did you know if this works also for a wildcard certificate (*.youdomain.com) ?
I cannot see why it wouldn’t work for a wildcard cert as well.