IBM Support

Reviewing SMS server certificate from the keydb.

Question & Answer


Question

How can we review the SMS server certificate to make sure it is not expired?

Answer

1- find the .properties file for the SMS server instance. Usually located at,

./AppSrv01/installedApps/Cell01/DavidSess.ear/DSess.war/WEB-INF/SMS-One/pdjrtecfg.properties


2- Find the pdcert-url attribute in the properties file.
usually
./AppServer/profiles/AppSrv01/installedApps/Cell01/DavidSess.ear/DSess.war/WEB-INF/SMS-One/pdjrtecfg.jks


3- run
keytool -list -keystore ./AppSrv01/installedApps/Cell01/DavidSess.ear/DSess.war/WEB-INF/SMS-One/pdjrtecfg.jks -storetype JCEKS

When prompted for the password, you can just hit Enter to see the public portion of the certificates, which is all you need for these purposes.

[{"Product":{"code":"SSPREK","label":"Tivoli Access Manager for e-business"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Session Management Server (SMS)","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg21427406