Configuring the IMS Universal Database resource adapter for SSL support in a container-managed environment

To enable SSL in a container-managed environment for the IMS Universal Database resource adapter, you need to configure the SSL certificate and key management settings from your WebSphere® Application Server administrative console.

Prerequisites:
  • You must first set up the IBM® z/OS® Communications Server Application Transparent Transport Layer Security (AT-TLS) to enable SSL support on the z/OS system for IMS Connect.
  • You also need to retrieve the client certificate (.crt) to your local file system where WebSphere Application Server is installed. To retrieve the certificate, from TSO, browse the OMVSID.CERTAUTH.CERT member. Copy its contents into a text file on your local file system, and remove any trailing spaces. Name the file hostname.crt.
To configure the IMS Universal Database resource adapter for SSL support:

Procedure

  1. Open the WebSphere Application Server administrative console.
  2. From the left pane, expand Security -> SSL certificate and key management.
  3. Click Key stores and certificates.
  4. Click NodeDefaultTrustStore.
  5. Click Signer certificates.
  6. Click Add.
  7. In the Alias field, type a name that helps you remember that this certificate is associated with (extracted from) the server key ring file that was created when you set up AT-TLS to enable SSL on IMS Connect.
  8. In the File name field, type the fully qualified path to the .crt file located on your local file system.
  9. Click OK and then click Save.
    The trusted certificate is picked up automatically and used during the SSL handshaking process at run time.