Replacing WebSphere Application Server Network Deployment certificates
To replace a certificate before it expires, or to use your own certificate, you can replace an IBM® WebSphere® Application Server Network Deployment certificate by specifying a different certificate for each node.
About this task
In clustered IBM InfoSphere® Information Server installations, all signer certificates must be stored in the CellDefaultTrustStore truststore. In stand-alone InfoSphere Information Server installations, all signer certificates must be stored in the NodeDefaultTrustStore truststore. These trust stores are the default locations for WebSphere Application Server Network Deployment signer certificates.
In WebSphere Application Server, Version 6.1, when certificates expire or if the nodes are out of synchronization, you can replace a certificate by completing the steps in the following technote: http://www.ibm.com/support/docview.wss?rs=180&uid=swg21305596. Although WebSphere Application Server, Version 6.1 is not supported in this release of InfoSphere Information Server, the example in this technote is still valid for manually replacing SSL certificates.
In WebSphere Application Server, Version 8.5.5.1, you can renew certificates. WebSphere Application Server generates a new certificate that replaces the old certificate.
Alternatively, you can replace a certificate with your own certificate, or you can use a certificate signed by a certificate authority. Refer to the WebSphere Application Server documentation for details.