Skip to content

Renewing SSL Certificates for IBM WebSphere and Apache Tomcat

Renewing a certificate for IBM WebSphere or Apache Tomcat is a relatively straightforward process.  There are, however, some subtle differences between renewing and installing a fresh certificate that I would like to document here primarily so I make it easier on myself the next time I need to simply renew a certificate.  If you are looking for more advanced information please consider these articles on configuring IBM WebSphere for SSL and installing or importing certificates into a WebSphere Trust Store. If an IBM WebSphere or Apache Tomcat application server is nearing the validation end of their SSL certificates you can follow these steps to ensure that your servers remain secure and your user’s experiences are not interrupted.

IBM WebSphere

Step 1: Backup the existing certificate in case you need to revert.

  • Connect to the server where IBM WebSphere HTTP Server is installed. Navigate to the folder [IBM_HTTPServer_Home]\.
  • Backup or move the existing SSL certificate to an expired_certs folder Ex: C:\IBM\HTTPServer
renewing_ssl_certificate_websphere_apache_tomcat_ibm_maximo_update_ugrade_support_blog_help_tip_troubleshoot

Step 2: Copy the new certificate to IBM WebSphere HTTP Server home folder.

  • Copy the new Maximo SSL certificate to the [IBM_HTTPServer_Home]\ folder. If you need help requesting a new certificate, please refer to our article configuring IBM WebSphere for SSL.

Step 3: Launch IBM Key Management application to import new certificate

  • Launch the IBM Key Management application.
  • Click Export/Import button from the right-side button menu.
  • Select the Import Key radio button.
  • Change the Key file type to PKCS S12 using the drop-down menu.
  • Browser to the file name of the certificate that was copied in Step 3
ibm_maximo_blog_updating_ssl_certificate_websphere_server_security_renew_maximosecrets
  • Click the OK button. Supply the password associated with this certificate.
ibm_maximo_blog_renew_ssl_certificate_security_update_credentials_managed_service_self_help_how to
  • Click the OK button.
  • Select the label under Select a label to change. In the Enter a new label textbox provide a new label for this certificate.
  • Click the OK button.
  • Double-click the certificate that was just added with the new label.
ibm_maximo_blog_supprt_troubleshoot_fix_security_renew_ssl_certificate_update_websphere_apache_tomcat
  • Click the Set the certificate as the default checkbox at the bottom left.
ibm_maximo_blog_validation_of_ssl_certificate_update_websphere_apache_tomcat_troubleshoot_security
  • Click the OK button.
  • The certificate that was just added with the new label should now have an * next to its name.
ibm_maximo_websphere_update_apache_tomcat_renew_ssl_certificate_blog_troubleshoot_support
  • Click the OK button.
  • The certificate that was just added with the new label should now have an * next to its name.
 

Apache Tomcat

Step 1: Backup the existing certificate in case you need to revert.

  • Connect to the server where Apache Tomcat server is installed. Navigate to the folder [Apache_Tomcat_Home]\conf. Ex: C:\Apache\Tomcat\conf
  • Backup or move the existing SSL certificate to a certs folder.
  • Open the server xml file using a text editor.
ibm_maximo_suppprt_renew_new_ssl_cerificate_server_security_validation_websphere_apache_tomcat_blog  

Step 2: Edit the server.xml file.

  • Locate the section <Connector port=”443” scheme=”https” . Change the name of the certificate if necessary.  Update the keystorePass value to the new password for the certificate.
  • NOTE: This is an XML document. Consequently, any ampersand or quote characters will need to be replaced.  For example, if your password is 1234”& then the value for keystorePass would be keystorePass=”1234&quot;&amp;”
How_to_renew_ssl_certificate_websphere_apache_tomcat_ibm_maximo
  • Save the server xml document and restart the Apache Tomcat service.

Share This

Related Posts

IBM-Maximo-stop-list-item-troubleshooting-database-search-e1636560926489
Using a Global System Properties in an Automation Script
Maximo has a neat feature where you can set any value in the global property, and it will default to...
ibm_mxmobile_maximo-mobile_app_maintenance_reliability_work_order_asset_management_inventory_count_create_meter_reading
MxMobile Update January 2023 Release
As an IBM Maximo mobile solution provider, A3J Group consistently improves the functionality and features...
ibm_mxmobile_maximo-mobile_app_maintenance_reliability_work_order_asset_management_inventory_count_create_meter_reading
MxMobile Update November 2022 Release
As an IBM Maximo mobile solution provider, A3J Group consistently improves the functionality and features...

No Responses

No comment yet, add your voice below!


Add a Comment