Creating SSL certificates from the command line

You can use the securityUtility command to create a default SSL certificate for use by the Liberty configuration.

Procedure

  1. Open a command line, then change directory to the wlp/bin directory.
  2. Create an SSL certificate.
    Run the following command. If you do not specify a server name or a password, the command does not run. See securityUtility command.
    securityUtility createSSLCertificate --server=server_name --password=your_password

Results

You created a default key.p12 keystore for the specified server.

Through 19.0.0.2, you created a default key.jks keystore for the specified server.

The keystore file is located under the /resources/security directory of the specified server. If a default keystore already exists, the command does not execute successfully.

What to do next

You can configure your server to use the keystore and enable the SSL in the server configuration by adding the following lines to the server configuration file:
    <featureManager>
        <feature>ssl-1.0</feature>
    </featureManager>

    <keyStore id="defaultKeyStore" password="keystore_password" />
See Enabling SSL communication in Liberty.