Lesson 3.2: Add SSL properties to the catalog server properties file
The catalog server is running outside of WebSphere® Application Server, so you must configure the SSL properties in the server properties file.
About this task
SSL properties in the catServer3.props file
alias=default
contextProvider=IBMJSSE2
protocol=SSL
keyStoreType=PKCS12
keyStore=/was_root/IBM/WebSphere/AppServer/profiles/
<deployment_manager_name>/config/cells/<cell_name>/nodes/
<node_name>/key.p12
keyStorePassword=WebAS
trustStoreType=PKCS12
trustStore=/was_root/IBM/WebSphere/AppServer/profiles/
<deployment_manager_name>/config/cells/<cell_name>/nodes/
<node_name>/trust.p12
trustStorePassword=WebAS
clientAuthentication=false
The
catServer3.props file is using the default WebSphere Application Server node level keystore and truststore. If you are deploying a
more complex deployment environment, you must choose the correct keystore and truststore. In some
cases, you must create a keystore and truststore and import the keys from keystores from the other
servers. Notice that the WebAS string is the default password of the WebSphere Application Server keystore and truststore. These entries are already included in the samples_home/security_extauth/catServer3.props file as comments. You can uncomment the entries and make the appropriate updates for your installation to the was_root, <deployment_manager_name>, <cell_name>, and <node_name> variables.
After configuring the SSL properties, change the transportType property value from TCP/IP to SSL-Required.
SSL properties in the client3.props file
You must also configure the SSL properties in the client3.props file because this file is used when you stop the catalog server that is running outside of WebSphere Application Server.
#contextProvider=IBMJSSE2
#protocol=SSL
#keyStoreType=PKCS12
#keyStore=/was_root/IBM/WebSphere/AppServer/profiles/
<deployment_manager_name>/config/cells/<cell_name>/nodes/
<node_name>/key.p12
#keyStorePassword=WebAS
#trustStoreType=PKCS12
#trustStore=/was_root/IBM/WebSphere/AppServer/profiles/
<deployment_manager_name>/config/cells/<cell_name>/nodes/
<node_name>/trust.p12
#trustStorePassword=WebAS
As with the catServer3.props file, you can use the comments that are already
provided in the samples_home/security_extauth/client3.props file with appropriate updates to was_root, <deployment_manager_name>,
<cell_name>, and <node_name> variables to match your
environment. Lesson checkpoint
You configured the SSL properties for the catalog server.