This topic describes the default secure communications configuration for IBM Support Assistant and how to change the configuration.
IBM Support Assistant ships with a default configuration which provides for secure communication between the browser client and the server. This configuration will automatically generate a self-signed SSL certificate for the server upon first launch. The generated certificate has a validity period of one year and will need to be regenerated or replaced after the default period expires.
You may want to generate a new certificate if the default certificate has expired or simply to create one with a password that you specify. You can use the securityUtility command to create a default SSL certificate for use by the IBM Support Assistant supplied server.
securityUtility createSSLCertificate --server=isa --password=your_password
You have created a default keystore key.jks for the isa server. The keystore file is located under the <isa_install>/wlp/usr/servers/isa/resources/security directory. The securityUtility command will print out a message to the console containing the new value you will need to add to the <isa_install>/wlp/usr/servers/isa/server.xml configuration file.
You can configure the isa server to use the new keystore.
<keyStore id="defaultKeyStore" password="{xor}Fgweah06Kz5s"