The User Application installation procedure exports the eDirectory™ trusted root certificates to the directory in which you install the User Application. Copy these certificates to the machine hosting the WebSphere server.
Import the certificates into the WebSphere keystore. You can do this by using the WebSphere administrator’s console (Importing Certificates with the WebSphere Administrator’s Console) or through the command line (Importing Certificates with the Command Line).
After you import certificates, proceed to Section 6.14, Deploying the IDM WAR File.
Log in to the WebSphere administration console as an admin user.
From the left panel, go to
.In the list of settings on the right, go to
under .Select
(or the trust store you are using).Under
on the right, select .Click
.Type the Alias name and full path to the certificate file.
Change the Data type in the drop-down list to
.Click
. You should now see the certificate in the list of signer certificates.From the command line on the machine hosting the WebSphere server, run the keytool to import the certificate into the WebSphere keystore.
NOTE:You need to use the WebSphere keytool or this does not work. Also, be sure the store type is PKCS12.
The WebSphere keytool can be found at /IBM/WebSphere/AppServer/java/bin.
The following is a sample keytool command:
keytool -import -trustcacerts -file servercert.der -alias myserveralias -keystore trust.p12 -storetype PKCS12
If you have more than one trust.p12 file on your system, you might need to specify the full path to the file.