Enable SSL on IBM WebSphere Advanced Single Server Edition 4.0

Before being able to enable SSL on WebSphere, you need to have your own certificates. This certificate can be a self-certificate for testing purposes but in any production case, you should have certificates issued by a Trusted CA. The following steps describe how to get your own certificates and how to configure WebSphere to use it.

Installing certificate chain

Before you can add your certificate into the keystore, you must first include the certificates chain. You must install the following public certificates:

Root (GTE root certificate)Root
Primary Server certificate (Comodo Security Services CA certificate)PrimServer
Server certificateServer

You can add the certificates chain from the Signer Certificates screen as shown below:

Websphere SSL Certificate Installation

Click the Add button. A dialog box will appear where you have to enter the data, the Certificate file name (the certificate file you received) and its location. Once all of this information is entered, click OK.

Installing your site certificate

You can import it into your keystore. In the IBM Key Management console, select in the dropdown the option Personal Certificates as in the following screen:

Install SSL certificate

Then click on the button Receive. A dialog box will appear where you have to enter the data, the Certificate file name (the certificate file you received) and its location. Once all of this information is entered, click OK.

Enabling SSL
Once your keystore has been successfully configured with your certificate, you can now enable SSL in WebSphere Application Server.

In IBM WebSphere, SSL can be configured for each component. For more information on how to enable/configure it for each of them, please go to the IBM Web site at http://www-4.ibm.com/software/webservers/appserv/support.html