Exporting the DASH LTPA keystore

For added security the contents of the LTPA token are encrypted and decrypted using a keystore (referred to in the subsequent procedure as the LTPA keystore) maintained by WebSphere®. In order for two instances of WebSphere to share authentication information via LTPA tokens they must both use the same LTPA keystore. The IBM® Admin Console makes this a simple process of exporting the LTPA keystore on one instance of WebSphere and importing it into another.

About this task

This task describes how to export the LTPA keystore from the instance of WebSphere running on the Network Manager DASH server to the instance of WebSphere running on the Netcool® Configuration Manager server for keystore synchronization.


  1. Launch the DASH Admin Console. For example: http://www.nm_gui_server_ip.com:16310/ibm/console.
  2. Navigate to Settings > WebSphere Administrative Console.
  3. Click Security > Global security.
  4. Under the Authentication mechanisms and expiration tab, click LTPA.
  5. Under the Cross-cell single sign-on tab, enter a password in the Password and Confirm password fields.
    The password will subsequently be used to import the LTPA keystore on the Netcool Configuration Manager server.
  6. Enter the directory and filename you want the LTPA keystore to be exported to in the Fully qualified key file name field.
  7. Complete by clicking Export keys.
  8. Transfer the LTPA keystore to the Netcool Configuration Manager server.


You will receive a message indicating that the LTPA keystore has been exported successfully.

What to do next

You now configure the SSO attributes for DASH.