Importing the DASH LTPA keystore to the Netcool Configuration Manager server

For added security the contents of the LTPA token are encrypted and decrypted using a keystore maintained by WebSphere®. In order for two instances of WebSphere to share authentication information via LTPA tokens they must both use the same keystore. The IBM® admin console makes this a simple process of exporting the keystore on one instance of WebSphere and importing it into another.

Before you begin

You must have exported the LTPA keystore from the instance of WebSphere running on the Network Manager DASH server and copied it to the Netcool® Configuration Manager server in a previous task.

About this task

In this procedure you will import that LTPA keystore to the instance of WebSphere running on the Netcool Configuration Manager server.


  1. Logon to the WebSphere Administrative Console for the Netcool Configuration Manager Presentation Server using the superuser name and password specified at install time (typically Intelliden).

    For example: http://NCM_presentation_server:16316/ibm/console

  2. Click Security > Global security.
  3. Under Authentication mechanisms and expiration, click LTPA.
  4. Under Cross-cell single sign-on, enter the password in the Password and Confirm password fields. This password is the one that was used when the LTPA keystore was exported from DASH.
  5. Enter the LTPA keystore file name in the Fully qualified key file name field. This is the LTPA keystore that was exported from DASH.
  6. Click Import keys.
  7. Click Save directly to the master configuration.

What to do next

Draft comment:
[Reviewers: I think we should be very specific about where SSO configuration is going to be performed. Please review for accuracy.]
You should now configure single sign-on attributes for the WebSphere instance running on the Netcool Configuration Manager server.