Storing certificates for client applications
When you log in to client applications that access the services tier, such as the IBM® InfoSphere® DataStage® Designer client or Director client, you can store the certificate in the trusted store to prevent having to accept the certificate in subsequent logins.
After you log into the client for the first time, you will be asked to accept the certificate.
For the IBM
Click View Certificate.
Click the Certification Path tab, and then select the root certificate.
When using IBM
WebSphere Application Server Network Deployment, select the
- Click the General tab.
Click Install Certificate, and then click
Next.Note: You may be displayed with Welcome to the Certificate Import Wizard window with the choices, Current User or Local Machine. This is based on certain platforms that allow a choice of whether to install the certificate for the current user or for all users on the system (Local Machine) where the later one requires the system administrator access.
Select Place all certificates in the following store.
- Click Browse, then select Trusted Root Certification Authorities. Click OK.
- Click Next, then click Finish to import the certificate.
A security window may appear asking to confirm the installation. Click
Yes to install the certificate.
- Click View Certificate.
- Add the services tier host name to the list of Trusted Sites.
Tools > Internet Options > Security > Trusted Sites > Sites
- For Microsoft Windows users: re-launch your web browser with "Run as Administrator..." to ensure you are running with full elevated permissions.
- Use this alternate way to install certificates:
- Click on View Certificate then click the Details tab.
- Save the certificate to file by clicking Copy to File.
- Double-click the saved certificate file.
- Import the file into Trusted Root Certification.
- For Microsoft
Windows Server 2012: Enhanced Security Configuration on
Microsoft Internet Explorer may be preventing certificate installation. Disable Enhanced Security Configuration to install.
- Click Server Manager then click Local Server.
- Switch off IE Enhanced Security Configuration in the computer properties.
- Try to install the certificate again.
For browser based clients:
Accept the certificate according to the procedures of your browser.
For command line utilities:
The utility will prompt automatically for you to validate and store the certificate as in the following example. (The ⇒ character indicates a line continuation.)
# ./SessionAdmin.sh -user admin -password myPass -lus -url ⇒ https://localhost:9446/ The following certificate could not be verified: Owner: CN=localhost, OU=localhostNode02Cell, OU=localhostNode03, ⇒ O=IBM, C=US Issuer: CN=localhost, OU=Root Certificate, OU=localhostNode02Cell, ⇒ OU=localhostNode03, O=IBM, C=US Serial number: 10E9ACBD921C Valid from: Mar 25 2014 Expired to: Mar 25 2015 SHA1 fingerprint: 73:10:92:1A:12:AE:E5:0C:92:47:94:BF:A3:47:51:06:FF:⇒ 07:28:47 MD5 fingerprint: 91:E9:91:19:5B:15:FA:E6:63:B3:CF:C1:5C:0B:D1:B4 Do you want to accept this certificate permanently (1), for this session ⇒ only (2), or reject (3) it? (1/2/3):