Renewing SSL Certificates for IBM WebSphere and Apache Tomcat

Renewing a certificate for IBM WebSphere or Apache Tomcat is a relatively straightforward process.  There are, however, some subtle differences between renewing and installing a fresh certificate that I would like to document here primarily so I make it easier on myself the next time I need to simply renew a certificate.  If you are looking for more advanced information please consider these articles on configuring IBM WebSphere for SSL and installing or importing certificates into a WebSphere Trust Store.

If an IBM WebSphere or Apache Tomcat application server is nearing the validation end of their SSL certificates you can follow these steps to ensure that your servers remain secure and your user’s experiences are not interrupted.

IBM WebSphere

Step 1: Backup the existing certificate in case you need to revert.

  • Connect to the server where IBM WebSphere HTTP Server is installed. Navigate to the folder [IBM_HTTPServer_Home]\.
  • Backup or move the existing SSL certificate to an expired_certs folder Ex: C:\IBM\HTTPServer

renewing_ssl_certificate_websphere_apache_tomcat_ibm_maximo_update_ugrade_support_blog_help_tip_troubleshoot

Step 2: Copy the new certificate to IBM WebSphere HTTP Server home folder.

  • Copy the new Maximo SSL certificate to the [IBM_HTTPServer_Home]\ folder. If you need help requesting a new certificate, please refer to our article configuring IBM WebSphere for SSL.

Step 3: Launch IBM Key Management application to import new certificate

  • Launch the IBM Key Management application.
  • Click Export/Import button from the right-side button menu.
  • Select the Import Key radio button.
  • Change the Key file type to PKCS S12 using the drop-down menu.
  • Browser to the file name of the certificate that was copied in Step 3

ibm_maximo_blog_updating_ssl_certificate_websphere_server_security_renew_maximosecrets

  • Click the OK button. Supply the password associated with this certificate.

ibm_maximo_blog_renew_ssl_certificate_security_update_credentials_managed_service_self_help_how to

  • Click the OK button.
  • Select the label under Select a label to change. In the Enter a new label textbox provide a new label for this certificate.

  • Click the OK button.
  • Double-click the certificate that was just added with the new label.

ibm_maximo_blog_supprt_troubleshoot_fix_security_renew_ssl_certificate_update_websphere_apache_tomcat

  • Click the Set the certificate as the default checkbox at the bottom left.

ibm_maximo_blog_validation_of_ssl_certificate_update_websphere_apache_tomcat_troubleshoot_security

  • Click the OK button.
  • The certificate that was just added with the new label should now have an * next to its name.

ibm_maximo_websphere_update_apache_tomcat_renew_ssl_certificate_blog_troubleshoot_support

  • Click the OK button.
  • The certificate that was just added with the new label should now have an * next to its name.

 

Apache Tomcat

Step 1: Backup the existing certificate in case you need to revert.

  • Connect to the server where Apache Tomcat server is installed. Navigate to the folder [Apache_Tomcat_Home]\conf. Ex: C:\Apache\Tomcat\conf
  • Backup or move the existing SSL certificate to a certs folder.
  • Open the server xml file using a text editor.

ibm_maximo_suppprt_renew_new_ssl_cerificate_server_security_validation_websphere_apache_tomcat_blog

 

Step 2: Edit the server.xml file.

  • Locate the section <Connector port=”443” scheme=”https” . Change the name of the certificate if necessary.  Update the keystorePass value to the new password for the certificate.
  • NOTE: This is an XML document. Consequently, any ampersand or quote characters will need to be replaced.  For example, if your password is 1234”& then the value for keystorePass would be keystorePass=”1234&quot;&amp;”

How_to_renew_ssl_certificate_websphere_apache_tomcat_ibm_maximo

  • Save the server xml document and restart the Apache Tomcat service.

MxMobile: Using Saved Queries with A3J Group’s Mobile Apps for IBM Maximo

As we all know, saved queries can make our workload much easier to manage when you’re having to sort through hundreds of records in Maximo.  However, have you ever created a saved query in Maximo and you weren’t able to find that query on one of A3J Group’s mobile apps?  You’re not alone, it’s happened to me too and the solution is very simple to follow.

 

For this example, I will use MxWork as the mobile app. In Maximo, I created a query on the Work Order Tracking application called “Environmental Group WOs” that displays all of the work orders with a person group of “ENV” and with a status of “APPR” and “INPRG”.

 

saved queries MxMobile IBM Maximo Mobile App

 

When I save this query and log into the MxWork mobile application and navigate to the Saved Queries list, I won’t see this query.  Why is that?  Well, the saved query has to be available in the API in order to access it from the mobile apps.  So, with the addition of Query Definitions in Maximo 7.6.0.3, we can select the query in the Object Structure for that specific application which will then allow the query to be accessible from the API.

 

If you open the details of the Object Structure, in this example we’re looking at MXWODETAIL, you’ll see Query Definitions listed under More Actions.  This is where you will add your query.  If you do not see your query in the lookup, you may need to make your query public by accessing View/Manage Queries and checking the box underneath Public.  Below are the three fields that are required:

  • Query Type: appclause
  • App Name: WOTRACK
  • Query Clause Name: Environmental Group WOs

asset management saved queries MxMobile IBM Maximo Mobile App

 

After I click OK and reload the Saved Queries list in MxWork, I now see the Environmental Group WOs query.  What’s also great about this solution is that the same process applies to all of A3J Group’s mobile apps!

using saved queries MxMobile IBM Maximo Mobile App

Maximo Mobile App saved queries used in MxMobile A3J Group asset management

Unable to Find Records in IBM Maximo

If you are searching for items and your descriptions do not present any search returns then you may need to read this article…

IBM Maximo attributes such as the Description field are natively configured to use TEXT search instead of WILDCARD.  A text search will use the database’s text search engine.  This is important because text searches are more efficient due to the database using indexes to locate records.  In addition, a text search is not case-sensitive so users typically prefer this type of search over WILDCARD.

I recently had an experience where an IBM Maximo environment using a Microsoft SQL Server database was unable to locate item records using the search term ‘WELL PUMP’ on the Description field.  A search for ‘WELL’, ‘%WELL%’, or ‘WELL PUMP’ brought back zero records.  The pump could only be found by searching for ‘PUMP’.

Since ITEM.DESCRIPTION is a text search enabled attribute, I knew it had to be full text search related. However I was unsure how it was related.  I first rebuilt the text catalog located under Databases > [database_name] > Storage > Full Text Catalogs > [text_catalog_name].

Maximo-Object-Explorer

A rebuild of the catalog had no effect.  Next I increased logging on the ITEM object so I could get the exact query IBM Maximo was sending to the Microsoft SQL Server.  This produced the following query:

select *

from item 

where ((status != 'OBSOLETE' and contains(description , 'FORMSOF(INFLECTIONAL,"WELL")') 

and itemsetid = ITEMSET1))

and (itemtype in (select value from synonymdomain where domainid='ITEMTYPE' and maxvalue = 'ITEM'))

Running the above query in SQL Server Management Studio produces zero records.  I was getting closer! The complexity of some of IBM Maximo enterprise asset management system requires much patience, and thoroughness, especially when troubleshooting…

The downside is that there is no shortage of articles on the Web discussing SQL Servers Full Text search capabilities.  I found myself down quite the rabbit hole.  My esteemed coworker, Kelly Nimmo, dropped in to set me down the correct path as she so often does.  She suggested I look into something called a Stop List.

A Stop List in SQL Server is a list of commonly occurring words that SQL Server will discard while searching.  These words are omitted from the full-text index.  A query of the SYS.FULLTEXT_SYSTEM_STOPWORDS table

SELECT * FROM sys.fulltext_system_stopwords where stopword = 'WELL'

for the word ‘WELL’ reveals the following entries:

Search-feature-Stopword

Bingo!  I now had a decision to make.  I could look at removing these entries from the table. Instead, I chose to omit the ITEM table from using the Stop Word list via the following statement:

ALTER FULLTEXT INDEX ON dbo.item SET STOPLIST = OFF

I will roll this out to other tables where WELL may be used to prevent this behavior in the future.

Editing Font Sizes in IBM Maximo – Long Description and Log Defaults

How to change the Long Description and Log Default font sizes for all apps in IBM Maximo:

If you’re like me, you might not have the greatest eyesight in the world. Logs and long descriptions in IBM Maximo are a very useful way to let your co-workers know:

  1. What’s going on with a particular Work Order
  2. Asset, Purchase Order, Item or any of the various applications that would need more description, or a log information put onto it.

IBM Maximo defaults the size for the Long Descriptions and Logs to xx-small type. It’s great for fitting a lot more on a little page. However, it’s very hard to read and for the majority of the world’s population, we need glasses to do so. This begs the question, “Can I customize my Maximo user interface to improve these issues?” The Short

 

How do we go about making the font size larger?

Open the Long Description or Log. From the middle drop-down column (size) you can choose your font size.

The catch…

You must go into system properties and make a change to the global property (webcient.richtext.blocknode.)

If you do not take the step above, each carriage return (geek speak for hitting enter) makes the font size small again. Every subsequent Log or Description that you edit will also need to be changed when you open it to edit.

Is there a way to just have the font size bigger than xx-small in when you open any new or old log or long description in IBM Maximo?

The answer is yes, but you’ll have to roll your sleeves up and do a little bit of work to make it so.

Font sizes in IBM Maximo’s Long Descriptions and Logs revolve around the rich text editor. The rich text editor does not allow for sizing fonts easily. With some determination, you can get those fonts changed into something you won’t have to strain your eyes to read. If you want to make those Long Descriptions and Logs readable then you’re going to have to edit some CSS (cascading style sheets) files. CSS allows for bulk “styles” to re-occur across the website that they are applied to. IBM Maximo is a web application, so this is where we start.

Here’s how…

Buried in the IBM Maximo directories are files that make Maximo work. The ear file will be our focus, but there are others that also assist in Maximo’s functionality. On the application server (the machine that hosts IBM Maximo), you will have a directory that gets installed that contains the CSS information to display Maximo. Navigate to [maximo-folder]\applications\maximo\maximouiweb\webmodule\webclient\css and search for the ‘extended.css’ file. Open it and add the following lines of code to the end of the page.

#dijitEditorBody {

Font-size: 20px

}

 

The second location of an extended.css file that needs to be edited is in the following path, [maximo-folder]\applications\maximo\maximouiweb\webmodule\webclient\skins\iot18\css.

For the latest versions of IBM Maximo (7.6+), the iot18 folder is significant. The reason for this is, other articles mention to add the edited extended.css file to a folder called tivoli09. To save time, understand that the Tivoli directories were made for older versions of Maximo like 7.5 and prior. If you are using a newer version of Maximo look for the iot18 directory. You will edit this extended.css file in the same manner as the last one by adding the lines below to the end of the css file:

#dijitEditorBody {

Font-size: 20px

}

Next, you will need to rebuild the ear file for IBM Maximo and re-deploy it to your Maximo user interface. The 20px setting will default the text to medium in the logs and Long Descriptions.

Originally there were some hesitations on using CSS to fix this problem. It was thought that the change could affect the reports and the way they looked when generated. We have not seen that happen after making these changes.

We want to hear your thoughts about our helpful guide. Please comment below or send your inquiries to:

info@a3jgroup.com

Stay tuned for more helpful articles that will #MaximizeYourMaximo experience and the capabilities of your user interface!