IBM Support

A new SSL certificate applied to Tomcat server results in server using original certificate

Troubleshooting


Problem

After applying a new SSL certificate on the IBM UrbanCode Deploy Tomcat server, the server still uses the original certificate.

Symptom

The Tomcat server configured in UrbanCode Deploy will use the first certificate found in the keystore if you have more than one certificate in the keystore.

You can configure within ucd-server-home\opt\tomcat\conf\server.xml the parameter keyAlias for the Connector XML element:

"keyAlias: The alias used for the server key and certificate in the keystore. If not specified, the first key read from the keystore will be used. The order in which keys are read from the keystore is implementation dependent. It may not be the case that keys are read from the keystore in the same order as they were added. If more than one key is present in the kesytore it is strongly recommended that a keyAlias is configured to ensure that the correct key is used."

[{"Product":{"code":"SS4GSP","label":"IBM UrbanCode Deploy"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":"General Information","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF022","label":"OS X"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"6.1;6.1.1","Edition":"","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Document Information

Modified date:
17 June 2018

UID

swg21962896

Page Feedback