Changing Keystore/Truststore using Web Console

This procedure describes steps to follow to configure IBM® Connect:Direct® Web Service to use a different Key Store. Before you begin the procedure, you must ensure that the Keystore is located on the same machine where IBM Connect:Direct Web Service is installed.

  1. Login to the Web Console as an Admin user.
  2. Click Certificates > Change Keystore to display Keystore configuration properties.
  3. Enter the complete absolute path of the changed Keystore.
    Note: You must not provide an empty Keystore path.
  4. Enter the changed Keystore password in Keystore Password.
    Note: The encryption key that will be used to encrypt the Keystore Password is automatically generated from backend.
  5. Now, the user can import certificates with different key cert password, different than the existing key cert password. The password provided is used only to decrypt the private key during import. When saving the certificate and private key to the server, there should be only one password for the entire keystore.
    Certificates that have a private key can be imported to the keystore.
  6. Enter the Key Certificate Password. For release and later Keystore and Key Certificate passwords can be different. However, all the Key Certificates must have the same password.

    To configure IBM Connect:Direct Web Service to use a different Truststore, click Certificates > Change trust store and follow the same procedure as described above. For a UI walk-through of this feature see, YouTube> IBM Connect:Direct.