Certificate management in SSL
You can manage certificate operations that involve personal certificates, signer certificates, and personal certificate requests on the administrative console.
Types of certificates
WebSphere® Application
Server uses the certificates that reside in keystores to establish
trust for a Secure Sockets Layer (SSL) connection. Click Security >
SSL certificate and key management > Manage endpoint security configurations >
Inbound | Outbound > SSL_configuration_name > Key stores
and certificates, then select an existing or create a new keystore.
After selecting a keystore, and depending on the type of certificate
you need, choose one of the following types of certificates under
Related Items:
- Personal certificate
- Signer certificate
- Certificate Authority (CA) certificates
- Personal certificate request
Types of certificates | Functions | Description |
---|---|---|
Personal certificates | Create a self-signed certificate | Creates a self-signed certificate and stores it in a keystore. |
List personal certificates | Lists all the personal certificates in a keystore. | |
Get information about a personal certificate | Gets information about a personal certificate. | |
Delete a personal certificate | Deletes a personal certificate from a keystore. | |
Import a certificate | Imports a certificate from a keystore to a keystore. | |
Export a certificate | Exports a certificate from a keystore to another keystore. | |
Extract a certificate | Extracts the signer part of a personal certificate to a file. | |
Exchange signer certificates | Exchange signer part of a personal certificate between key store. | |
Receive a certificate | Reads a certificate that comes from a certificate authority (CA) into a keystore. | |
Replace a certificate | Replaces all occurrences of a personal certificate alias in the WebSphere Application Server configuration with another certificate. Also, replaces all occurrences of the personal certificates signer with the new personal certificate signer. | |
Create a chained certificate | Creates a chained certificate and stores it in a keystore. | |
Renew a certificate | Renews a certificate with a new public/private key pair and stores it in a keystore. | |
Request a CA certificate | Makes a request to a CA using a CA client to obtain a CA certificate. | |
Certificate authority (CA) certificates | Create CA certificate | Sends a certificate request to an external certificate authority (CA). |
Revoke CA certificate | Sends a revocation request to an external certificate authority (CA). | |
Signer certificates | Add a signer certificate | Adds a signer certificate from a file to a keystore. |
List signer certificates | Lists all the signer certificates in a keystore. | |
Get information about a signer certificate | Gets information about a signer certificate. | |
Delete a signer certificate | Deletes a signer certificate from a keystore. | |
Extract a signer certificate | Extracts a signer certificate from a keystore, and stores the certificate in a file. | |
Retrieve a signer from a port | Retrieves a signer certificate from a port, and stores it in a key store. | |
Certificate requests | Create a certificate request | Creates a certificate request that can be sent to a CA. |
List certificate requests | Lists the certificate requests in a keystore. | |
Get information about a certificate request | Gets information about a certificate request. | |
Delete a certificate request | Deletes a certificate request from a keystore. | |
Extract a certificate request | Extracts a certificate request to a file. |
Personal certificates
Function | AdminTask object | Administrative console |
---|---|---|
Create a self-signed certificate | createSelfSignedCertificate | Security > SSL certificate and key management > Key store and certificates > key store > Create a Self-Signed Certificate |
List personal certificates | listPersonalCertificates | Security > SSL certificate and key management > Key store and certificates > key store > personal certificates |
Get information about a personal certificate | getPersonalCertificate | Security > SSL certificate and key management > Key store and certificates > key store > personal certificates > alias |
Delete a personal certificate | deletePersonalCertificate | Security > SSL certificate and key management > Key store and certificates > key store > personal certificates > delete |
Import a certificate | importCertificate | Security > SSL certificate and key management > Key store and certificates > key store > personal certificates > import |
Export a certificate | exportCertificate | Security > SSL certificate and key management > Key store and certificates > key store > personal certificates > export |
Extract a certificate | extractCertificate | Security > SSL certificate and key management > Key store and certificates > key store > personal certificates > extract |
Exchange signer certificates | exchangeSignerCertificates | Security > SSL certificate and key management > Key store and certificates > Exchange signers |
Create a chained certificate | createChainedCertificate | Security > SSL certificate and key management > Key store and certificates > keystore name > Personal certificates. Click Create button and select Chained certificate |
Renew a certificate | renewChainedCertificate | Security > SSL certificate and key management > Key store and certificates > keystore name > Personal certificates. Select a certificate. Click Renew button. |
Create a chained Certificate | createChainedCertificate | Security > SSL certificate and key management > Key store and certificates > keystore > Create a chained certificate. |
Request a CA certificate | requestCACertificate | Security > SSL certificate and key management > Key store and certificates > keystore > Request a CA certificate. |
Certificate authority (CA) certificates
Function | AdminTask object | Administrative console |
---|---|---|
Create a CA certificate | createCACertificate | Security > SSL certificate and key management > Key store and certificates > key store > Personal certificates > Create > CA-signed certificate |
Revoke a CA certificate | revokeCACertificate | Security > SSL certificate and key management > Key store and certificates > key store > Personal certificates personal certificate > Revoke |
Signer certificates
Function | AdminTask object | Administrative console |
---|---|---|
Add a signer certificate | addSignerCertificate | Security > SSL certificate and key management > Key store and certificates > key store > signer certificates > Add |
List signer certificates | listSignerCertificates | Security > SSL certificate and key management > Key store and certificates > key store > signer certificates |
Get information about a signer certificate | getSignerCertificate | Security > SSL certificate and key management > Key store and certificates > key store > signer certificates > alias |
Delete a signer certificate | deleteSignerCertificate | Security > SSL certificate and key management > Key store and certificates > key store > signer certificate >delete |
Extract a signer certificate to a file | extractSignerCertificate | Security > SSL certificate and key management > Key store and certificates > key store > signer certificates > extract |
Retrieve a signer certificate from a port | retrieveSignerFromPort | Security > SSL certificate and key management > Key store and certificates > key store > signer certificates > retrieve from port |
Personal certificate requests
Function | AdminTask object | Administrative console |
---|---|---|
Create a personal certificate request | createCertificateRequest | Security > SSL certificate and key management > Key store and certificates > key store > Personal certificate Requests > Add |
List personal certificate requests | listCertificateRequests | Security > SSL certificate and key management > Key store and certificates > key store > Personal certificate requests |
Get information about a personal certificate request | getCertificateRequest | Security > SSL certificate and key management > Key store and certificates > key store > Personal certificate requests > alias |
Delete a personal certificate request | deleteCertificateRequest | Security > SSL certificate and key management > Key store and certificates > key store > Personal certificate requests > delete |
Extract a personal certificate request to a file | extractCertificateRequest | Security > SSL certificate and key management > Key store and certificates > key store > Personal certificate requests > Extract |