IBM Support

How to update certificates that are expiring for SSP and SI for HTTP Communications (Part 1)

Technical Blog Post


Abstract

How to update certificates that are expiring for SSP and SI for HTTP Communications (Part 1)

Body

You can use a Self Signed Certificate or a CA Certificate.

The following is the procedure if you are using one certificate for SSP and SI.

  1. Please use the following steps to create a Self Signed Certificate. Proceed to Step 2, if you want to use a Certificate Authority.
    1. Open the IBM Sterling Certificate Wizard
    2. Select the tab for Self Signed Certificate

image

c. Select Next

d. Make sure the radio button in front of Server for Certificate Type is selected

image

e. You will need to select the Private Key Length of 2048, enter a Serial Number, How many days you want the certificate to be valid, a passphrase for the private certificate.

image

f. Click Next

g. You will need to select a cipher, save the Key File and CSR file. Depending on what version of SSP you are using will determine which Cipher Suite you can use. It looks lie older versions of SSP would need to select DES MD5 as the Cipher Suite. For example: Version 3.4.1.0 Fix 6 Build 83 will need to use DES MD5.

image

h. Click Next and you will see the information you entered. Verify it is correct and Select Next

i. You should receive a message stating "A self-signed certificate has been created"

image

j. Now, you will need to create a key certificate.

2. You will need to create a CSR and send it to a Certificate Authority in order to use a certificate from a Certificate Authorit

3. Click on the Generate Key Certificate Tab

  1. Select Standard for the Output Keycert/Keystore Format
  2. Select the Private Key file you created in the Self Signed Certificate Tab/CSR Creation
  3. Enter the passphrase you entered in the Self Signed Certificate Tab/CSR Creation
  4. Select the certificate file you created in the Self Signed Certificate Tab/CSR Creation and add it to the Certificate Chain List
  5. Select the Cipher Suite you selected in the Self Signed Certificate Tab/CSR Creation
  6. Uncheck CA Root must be present
  7. Enter a Key Certificate Filename
  8. Select Generate

image

\

i. Select Ok for the Confirmation pop up

image

j. You will receive another popup stating the Key Certificate has been created successfully.

image

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

UID

ibm11121637

Page Feedback