Configuring SSL communication with an EAM system

If you integrate asset workflow with your Maximo® Asset Management system, you can opt to enable Secure Sockets Layer (SSL) communication with the Maximo Asset Management system.

Before you begin

Enable SSL connectivity for your Maximo Asset Management system. For more information, see IBM® Maximo Asset Management product documentation.

About this task

First, import the SSL certificate from your Maximo Asset Management server to a file in Privacy Enhanced Mail (PEM) format. And then, import the SSL certificate into WebSphere® Application Server Liberty Profile.

Procedure

  1. Log on to the application server as the administrative user that is defined by the ioc.user property in the install.properties file.
  2. Enter the following command to import the SSL certificate from your Maximo Asset Management server to a file in the /tmp directory, where EAM_host:https_port is the fully qualified domain name and HTTPS port number of the Maximo Asset Management server: 
    openssl s_client -showcerts -connect EAM_host:https_port </dev/null 2>/dev/null\
  | openssl x509 -outform PEM > /tmp/pem_filename.pem
    For example, 
    openssl s_client -showcerts -connect maximo.server.com:9443 </dev/null 2>/dev/null\
 | openssl x509 -outform PEM > /tmp/eam_pem_file.pem
  3. Enter the following command to import the SSL certificate into WebSphere Application Server Liberty Profile, where liberty.install.dir is the WebSphere Application Server Liberty Profile installation directory, liberty.instance.name is the name of the Liberty instance, EAM_host:https_port is the fully qualified domain name and HTTPS port number of the Maximo Asset Management server, key_store_passwd is the Liberty password, and pem_filename.pem is the name of the file that stores the certificate: 
    java_home/bin/keytool -import -keystore\
liberty.install.dir/usr/servers/liberty.instance.name/resources/security/key.jks\
 -alias EAM_host:https_port -file /tmp/pem_filename.pem -storepass key_store_passwd -noprompt
    For example,
    /opt/ibm/java-x86_64-80/bin/keytool -import -keystore\
/opt/IBM/WebSphere/wlp/usr/servers/iocsvr1/resources/security/key.jks\
 -alias maximo.server.com:9443 -file /tmp/eam_pem_file.pem -storepass password -noprompt

Results

When you configure the connection for a tenant to your Maximo Asset Management system for a tenant, you can opt to specify an SSL port for the connection. For more information, see the related link.