Step 1: Prepare user certificates and keys

Edit online

About this task

Before you configure the server or client for X.509 authentication, prepare the user certificates and keys. The following steps assume a self-signed certificate.

Procedure

  1. Generate the user's keystore file with your site-specific information.

    Note:

    • CN must be the user's operating system user name on the Platform Application Center web server.
    • The storetype must be PKCS12, as used by Platform Application Center.
    • The default keystore password on the IBM Spectrum LSF Application Center web server is changeit

    For example:

    $JAVA_HOME/bin/keytool -genkey -v -alias myKey -keyalg RSA -storetype PKCS12 -keystore my.p12 
-storepass changeit -keypass changeit -dname "CN=userA, OU=IBM Platform, 
O=IBM Platform, L=Markham, ST=Ontario, C=CA" -validity 3650
  2. Export the user certificate file from the keystore file that was created in the previous step.

    For example:

    $JAVA_HOME/bin/keytool -export -alias myKey -file my.cert -keypass changeit 
-storepass changeit -storetype PKCS12 -keystore my.p12