The self-signed certificate is automatically renewed, but is not automatically propagated to webserver directory.

Troubleshooting

Problem

Customer can define IHS SSL virtualhost and create CMS keystore for that SSL virtualhost from WAS admin console. And WAS expiration management will automatically renew the self-signed certificate in that CMS keystore. However, the renewed self-signed certificate is not automatically propagated to the keystore in IHS webserver directory.

Resolving The Problem

The typical IHS keystore and certificate management is done through Ikeyman, or GSKit command line certificate management, which is outside of WAS scope.

If key stores for IHS are managed in this way, two steps are required to have the changes take effect.

* Customer has to manually click "Copy to Web server key store directory" to make the renewed self-signed certificate take effect.

* Customer must restart IHS (changes to key stores are not picked up dynamically.

[{"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Administrative Console (all non-scripting)","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"8.5.5;8.5;8.0;7.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Tips

The self-signed certificate is automatically renewed, but is not automatically propagated to webserver directory.

Troubleshooting

Problem

Resolving The Problem

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?