• 1 reply
  • Latest Post - ‏2013-04-22T17:52:40Z by Alaine
1 Post

Pinned topic SSL Trust Store

‏2013-04-16T01:22:53Z | cacert certs ssl

Anyone know how to utilize a trust store in the WAS Liberty Profile?  My WebApp is trying to communicate with a REST Api that has an internal CA.  I need to import the internal CA and intermediate certs to some trust store I believe.  Any help is very appreciated.  Thanks!

- Carlos

  • Alaine
    5 Posts

    Re: SSL Trust Store


    You did not share details of how you SSL is enabled in your configuration or which level of Liberty you are running on.  But if you need to add signers to the truststore that is configured in you Liberty profile you can use the java tool  keytool.    Roughly the syntax will be something like keytool -import -file <path to the file that contains the cert> -keystore <path to keystore file> -storepass <keystore's password> -storetype  <keystore file type> .   If you are using a minimal SSL configuration then keystore is being used for both key and trust stores.   You may need to be running on at least for you outbound connection to work.  In and higher we started setting the Liberty default SSL configuration to the process's default SSL configuration.