1. Server Manager Installation Guide
  2. Importing the TrustStore Certificate

Importing the TrustStore Certificate

To import a TrustStore certificate:

  1. Start the IKEYMAN GUI utility.

  2. Create a new TrustStore Database File by selecting Key Database File, and then select New.

  3. In the new dialog box select:

    • Key database type = JKS

    • Filename = give any name

    • Location = any location where the new Key Database file will be generated.

  4. Click OK. The password dialog box will popup.

    This image is described in surrounding text.

  5. In the password dialog box, provide a password for the TrustStore database file that is being created and click OK.

    Important:

    Be sure to write down this password to have it available to provide to the Server Manager Console later when configuring the TrustStore and KeyStore Files for the secure profile.

Now we will import the TrustStore file from the WAS Secure Profile location. To import the TrustStore file:

  1. Click Import to bring up the Open dialog box to import the trust.p12 file from the WAS Secure Profile's etc folder.

  2. In the Key file type field, select PKCS12.

  3. For the File Name field, click Browse and select the trust.p12 file from your <WASInstall>/AppServer/profiles/<profile>/etc folder.

    This image is described in surrounding text.

  4. Click OK.

  5. When prompted for a password, use WebAS, which is the default password for all of the profile's TrustStore and KeyStore files.

  6. Click OK. This will bring up the Change Labels dialog box.

  7. Select root from Select a label to change, and enter a new label name like Profile1root to make sure every certificate that is imported from different profiles has a unique name associated with it.

    This image is described in surrounding text.

  8. Click Apply.

  9. Click OK to save.

The TrustStore that you have imported in the above steps will now be listed under the IKEYMAN Signer Certificates.

This image is described in surrounding text.

If you do not see the imported certificates under the Signer Certificates section, then the import did not work and you need to redo these steps for Importing the TrustStore Certificate from the beginning.

If you are using multiple Secure Profiles, you will need to import the TrustStore keys from each of these profiles to the same JKS database file. The instructions remain the same.

Close the newly created TrustStore Database by selecting Key Database File, and then select Close.