SSL needs to be set up to access the application through a browser over the HTTPS protocol.
Procedure
Enable Transport Chains
In the left panel, expand
Servers > Server Types and click
WebSphere application servers. The Application servers panel is displayed on the right.
Under Preferences, click
servername. For example,
server1. The
Configuration tab is displayed.
Under Container Settings, expand
Web Container Settings
and click the
Web container transport chains link. The following screen displays the various ports on your server and also provides information on whether SSL is enabled. If SSL is not enabled, you can enable it.
Click
New. The Create New Transport Chain window displays Select a transport chain template page.
In the Transport chain name field, enter transport chain name. For example,
MDMTransportChain2.
In the Transport chain template drop-down list, select
WebContainer (templates/chains|webcontainer-chains.xml#Chain_1) For SSL, select
WebContainer-Secure(templates/chains|webcontainer-chains.xml#Chain_2).
Click
Next. The Create New Transport Chain window displays Select a port page.
In the Port name field, enter the port name. For example,
MDMTransportChain2.
In the Host field, enter the host. For example,
*.
In the Port field, enter the port number. For example,
9082. Use any unused port number.
Click
Next. The Create New Transport Chain window displays Confirm new transport chain creation page.
Under Summary of Actions, a summary of the selections is displayed. Review the information.
Click
Finish. The SSL Enabled column for the newly created TransportChain displays
Enabled for the specified port and a message is displayed with the Save and Review options.
Click the Save link to save changes to the master configuration.
Specify Host Configuration
In the left panel, expand
Environment and click Virtual Hosts. The Virtual Hosts panel is displayed on the right.
Under Preferences, click the virtual host link where ECM is installed. For example,
default_host. The
Configuration tab is displayed.
Under Additional Properties, click the
Host Aliases
link.
Under Preferences, click
New.
Under General Properties,
In the Host Name field, enter
*.
In the Port field, enter
9082 as port number or any other unused port number.
Click
OK. A message is displayed with the Save and Review options.
Click the Save link to save changes to the master configuration.
Restart the server. Browse the application using the https protocol over the listening port.
Certificates (only applies if using GDSN software edition)
To communicate with 1SYNC securely, you may need to download their certificates and insert them into your trusted certificate store if they are not present already.
If your computer does not have the certificates in its keystore, a security alert is displayed. This alert warns you that the certificate is not verified and allows you to view the certificate. Click
View Certificate to view the certificate. The
Certificate window is displayed.
Click on the
Certification Path tab. Each certificate listed must be copied to a file.
Select the
Details tab.
Click
Copy to File. The
Certificate Export Wizard opens and guides you through the steps for copying certificates, certificate trust lists, and certification revocation lists from a certification store to your disk.
Choose the
Base-64 encoded X.509 (.CER) format and click
Next.
Provide a filename and click
Next.
Click
Finish. The certificate is exported to the file.
Import the certificates into the trusted certificate store of the Java virtual machine. The default Java virtual machine is located at <Websphere install location>/AppServer/java, and the corresponding trusted certificate store is at <websphere install location>/AppServer/java/jre/lib/security/cacaerts.
Use the keytool utility in jre/bin/keytool to insert all the certificates. For example:
