Hello Stèphane, I used the following steps in WAS 6.1 to get the CA loaded into the truststore:
1. Log in to WebSphere admin console 2. Click Security > SSL certificate and key management 3. Click "Manage endpoint security configurations" 4. In the "Inbound" section, click on the item that has "CellDefaultSSLSettings" in the name 5. Click on "Key stores and certificates" 6. Click "CellDefaultTrustStore" 7. Click "Signer certificates" 8. Click "Retrieve from port" 9. In the "Host" field, enter the URL representing the site, without the protocol identifier; e.g., "PunchoutVendorURL.com" 10. In the "Port" field, enter "443" (the default HTTPS port) -or- a vendor-provided non-standard port number. 11. In the alias field, enter the same value used in step 9 above, -or- a descriptive name for the vendor, such as "My_test" 12. Click "Retrieve signer information" You should then see a "Retrieved signer information" section with data about the certificate. 13. Click OK 14. Restart the WebSphere application server Currently I don't have a running WAS 6.0 to check if the steps are the same. Regards, Heinz On Wed, Aug 12, 2009 at 22:03, Stéphane Prohaszka<[email protected]> wrote: > As Websphere has its own keystore in the SSL menu, I thought it was those > that I have to configure. > > But I did not imagine one time that it could be the one of the JVM. Thanks > for the idea, I will try it and tell you very soon. > > Stéphane > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
