For command-line tools to use an updated certificate, you
can run the UpdateSignerCerts command so that the
certificate is accepted permanently, and other tools can run without
a prompt, making sure that non-attended script executions don't fail
or wait for user input for the certificate prompt.
About this task
Run this command on each computer in your environment
where the services, engine, and client tiers are installed. The command
is found in the following locations:
Tier |
Location |
Services |
IS_install_path/ASBServer/bin |
Engine, Client |
IS_install_path/ASBNode/bin |
Procedure
- Run the command:
UpdateSignerCerts.sh
-url https://hostname:port -user IS_admin_user -password IS_admin_password
- hostname
- The host name of the IBM®
InfoSphere® Information Server server,
as specified in the common name of the certificate.
- port
- The port number of the IBM
InfoSphere Information Server server,
specified during installation. The default port number is 9443.
- IS_admin_user
- The InfoSphere Information Server administrator
user name (isadmin).
- IS_admin_password
- The password for the InfoSphere Information Server administrator
user.
- If the SSL certificate has been properly changed on the
server, you are prompted to accept the new certificate. After the
prompt, enter 1 to accept the certificate permanently.
An example prompt:
The following certificate could not be verified:
Owner: CN=server1.example.com, OU=Software Group, O=IBM, C=US
Issuer: CN=server1.example.com, OU=Software Group, O=IBM, C=US
Serial number: 12A67955
Valid from: Oct 23 2013
Expired to: Oct 21 2014
SHA1 fingerprint: D2:57:88:57:AE:FD:E2:5D:B8:9B:7E:9D:B4:6F:64:46:15:42:D0:0E
MD5 fingerprint: 39:9C:82:52:9C:CE:14:64:26:50:E2:F6:2A:19:B3:21
Do you want to accept this certificate permanently (1), for this session only
(2), or reject (3) it? (1/2/3):