Importing a self-signed certificate for ODM Rule Designer

If you use self-signed certificates in your environment, you must import the certificate into the ODM Rule Designer certificate store. This is required to establish SSL communication between ODM Rule Designer and ODM server.

To import a self-signed certificate:

1. Open Internet Explorer and enter the following URL for the ODM Rule Designer:

   https://servername/res

   Where servername is the host name of the Core server (for example, https://core.icfm.ibm.com/res).

   CAUTION:

   For the wizard to function correctly, ensure that you use Internet Explorer for this procedure. If you are running Windows 10, you must run Internet Explorer in Administrator Mode to display the Certificate button.
2. In the warning page, click Continue to this website (not recommended).
3. Click the Certificate Error in the URL field at the beginning of the page.
4. Click View certificates.
5. Click the Details tab.
6. Click Copy to File.
7. In the Certificate Export Wizard wizard, click Next.
8. Select the Base-64 encoded X.509 (.CER) option, and click Next.
9. For the File Name field, enter C:\Users\user_name\Documents\core.cer, and click Finish.
10. Open a command prompt and enter the following commands:

    cd C:\TOOLS\IBM\ODM88\jdk\bin
    keytool.exe -import -file "C:\Users\user_name\Documents\core.cer" -alias
          core.icfm.ibm.com -keystore "C:\TOOLS\IBM\ODM88\jdk\jre\lib\security\cacerts" 
          -storepass password

    The default password value for the storepass is changeit. If you have set a different password, use that one.

    After the command has completed successfully, output is similar to the following example. Type yes and press Enter for the certificate to be added to the keystore.

    Owner: CN=core.icfm.ibm.com, OU=ICFM, O=IBM, C=US
    Issuer: CN=core.icfm.ibm.com, OU=ICFM, O=IBM, C=US
    Serial number: 57085073
    Valid from: 4/8/16 5:44 PM until: 4/6/26 5:44 PM
    Certificate fingerprints:
    MD5: D2:16:B7:42:D2:43:E9:E0:AB:F0:AD:BB:13:8E:24:D1
    SHA1: B6:1E:15:8E:29:F9:DC:87:A7:18:4D:CA:7E:22:9C:42:D3:65:F9:0B
    SHA256: 76:FB:58:73:B8:3F:57:EE:19:D3:85:A0:A7:39:CF:6D:F5:F5:F5:B0:B4:DA:62:D5:ED:CD:6C:6A:F4:27:BC:C8
    Signature algorithm name: SHA1withRSA
    Version: 3
    Trust this certificate? [no]: yes
    Certificate was added to keystore

11. Restart the ODM Rule Designer. You can now use ODM Rule Designer to securely connect to the ODM Rule Execution Server.