Technical Blog Post
Abstract
How to update certificates that are expiring for SSP and SI for HTTP Communications (Part 2)
Body
- Login to IBM Sterling Secure Proxy
- Click on Credentials
- Click on Certificate Stores > System Certificate Store > dfltKeyStore
- Select New
- Give the certificate a Name, Description, password should be the passphrase you used to create the Self Signed Certificate/CSR Creation, select the Key Certificate you generated. The detail information will allow in the box for Certificate Data
6. Select OK to add it to the list of certificates
7. Select Save to save your changes
8. You will need to add the certificate as a trusted certificate as well for outbound netmap update
9. Click on Certificate Stores > Trusted Certificate Store > dfltKeyStore
10. Select New
11. Give the certificate a Name, Description, password should be the passphrase you used to create the Self Signed Certificate, select the Key Certificate you generated. The detail information will allow in the box for Certificate Data
12. You will need to update your inbound and outbound netmaps to this new certificate
13. Select the inbound node netmap you want to edit and select Edit
14. Click on the Security Tab
15. Select the new key for the Key/System Certificate
16. Select Ok and select Save
17. You will need to push the configuration after making the updates for the inbound and outbound netmap
18. Click on Monitoring > Engine Status
19. Select the IBM Sterling Secure Proxy Engine that will need to be updated
20. Select Push Configuration
21. You will need to check in the Key Certificate to all of your IBM Sterling Secure Proxy Configuration Console if you have mutiple Engines installed.
22. Click on Monitoring > Engine Status
23. Select the IBM Sterling Secure Proxy Engine that will need to be updated
24. Select Push Configuration
25. You will need to check in the Key Certificate to all of your IBM Sterling Secure Proxy Configuration Console if you have mutiple Engines installed.
UID
ibm11121631