Use this procedure to enable load balanced nodes to connect
to each other and send notifications.
About this task
These steps are required to enable load balancing between
the participating nodes. Complete these steps on each node.
Procedure
- In a text editor, open the ssl.client.props file
from the
JazzSM_WAS_Profile/properties
directory.
- Uncomment the section that starts with
com.ibm.ssl.alias=AnotherSSLSettings
so
that it looks like this: com.ibm.ssl.alias=AnotherSSLSettings
com.ibm.ssl.protocol=SSL_TLSv2
com.ibm.ssl.securityLevel=HIGH
com.ibm.ssl.trustManager=IbmX509
com.ibm.ssl.keyManager=IbmX509
com.ibm.ssl.contextProvider=IBMJSSE2
com.ibm.ssl.enableSignerExchangePrompt=true
#com.ibm.ssl.keyStoreClientAlias=default
#com.ibm.ssl.customTrustManagers=
#com.ibm.ssl.customKeyManager=
#com.ibm.ssl.dynamicSelectionInfo=
#com.ibm.ssl.enabledCipherSuites=
- Uncomment the section that starts with
com.ibm.ssl.trustStoreName=AnotherTrustStore
so
that it looks like this: # TrustStore information
com.ibm.ssl.trustStoreName=AnotherTrustStore
com.ibm.ssl.trustStore=${user.root}/config/cells/JazzSMNode01Cell/nodes/JazzSMNode01/trust.p12
com.ibm.ssl.trustStorePassword={xor}CDo9Hgw=
com.ibm.ssl.trustStoreType=PKCS12
com.ibm.ssl.trustStoreProvider=IBMJCE
com.ibm.ssl.trustStoreFileBased=true
com.ibm.ssl.trustStoreReadOnly=false
- Update the location of the trust store that the signer
should be added to in the com.ibm.ssl.trustStore property
of AnotherTrustStore by replacing the default
value com.ibm.ssl.trustStore=${user.root}/etc/trust.p12 with
the correct path for your trust store. Example:
com.ibm.ssl.trustStore=${user.root}/config/cells/JazzSMNode01Cell/nodes/JazzSMNode01/trust.p12
After the update, the section must look like this:
com.ibm.ssl.trustStoreName=AnotherTrustStore
com.ibm.ssl.trustStore=${user.root}/config/cells/JazzSMNode01Cell/nodes/JazzSMNode01/trust.p12
com.ibm.ssl.trustStorePassword={xor}CDo9Hgw=
com.ibm.ssl.trustStoreType=PKCS12
com.ibm.ssl.trustStoreProvider=IBMJCE
com.ibm.ssl.trustStoreFileBased=true
- Save your changes to ssl.client.props.
-
Stop and restart the Jazz® for
Service Management application server:
-
In the
JazzSM_WAS_Profile/bin
directory,
depending on your operating system, enter one of the following commands:
-
In the
JazzSM_WAS_Profile/bin
directory,
depending on your operating system, enter one of the following commands:
startServer.bat server1
startServer.sh server1
- Stop and restart the server.
- Complete all of the steps so far on each node before you
continue with the rest of the steps.
- Run the following command on each node for each
myremotehost
(that
is, for every node that you want to enable trust with) in the cluster:
JazzSM_WAS_Profile\bin\retrieveSigners.bat
NodeDefaultTrustStore AnotherTrustStore -host myremotehost -port remote_SOAP_port
JazzSM_WAS_Profile/bin/retrieveSigners.sh
NodeDefaultTrustStore AnotherTrustStore -host myremotehost -port remote_SOAP_port
where myremotehost is
the name of the computer to enable trust with; remote_SOAP_port is
the SOAP connector port number (16313 is the default). If you have
installed with non-default ports, check JazzSM_WAS_Profile/properties/portdef.props
for
the value of SOAP_CONNECTOR_ADDRESS
and use that.
-
Stop and restart the Jazz for
Service Management application server:
-
In the
JazzSM_WAS_Profile/bin
directory,
depending on your operating system, enter one of the following commands:
-
In the
JazzSM_WAS_Profile/bin
directory,
depending on your operating system, enter one of the following commands:
startServer.bat server1
startServer.sh server1
- Stop and restart the server.
Example
In this example, the load balancing cluster is comprised
of two Microsoft Windows nodes named myserver1 and myserver2.
The command entered on myserver1:retrieveSigners.bat NodeDefaultTrustStore AnotherTrustStore -host myserver2 -port 16313
The
command entered on myserver2: retrieveSigners.bat NodeDefaultTrustStore AnotherTrustStore -host myserver1 -port 16313