Topic
  • 1 reply
  • Latest Post - ‏2013-04-22T17:52:40Z by Alaine
cfonze
cfonze
1 Post

Pinned topic SSL Trust Store

‏2013-04-16T01:22:53Z |

Anyone know how to utilize a trust store in the WAS Liberty Profile?  My WebApp is trying to communicate with a REST Api that has an internal CA.  I need to import the internal CA and intermediate certs to some trust store I believe.  Any help is very appreciated.  Thanks!

- Carlos

  • Alaine
    Alaine
    5 Posts

    Re: SSL Trust Store

    ‏2013-04-22T17:52:40Z  

    You did not share details of how you SSL is enabled in your configuration or which level of Liberty you are running on.  But if you need to add signers to the truststore that is configured in you Liberty profile you can use the java tool  keytool.    Roughly the syntax will be something like keytool -import -file <path to the file that contains the cert> -keystore <path to keystore file> -storepass <keystore's password> -storetype  <keystore file type> .   If you are using a minimal SSL configuration then keystore is being used for both key and trust stores.   You may need to be running on at least 8.5.0.1 for you outbound connection to work.  In 8.5.0.1 and higher we started setting the Liberty default SSL configuration to the process's default SSL configuration.