Configure the Liberty profile
We must enable an HTTPS endpoint in WAS Liberty profile that uses the server's certificate, and trusts the client certificates.
Ensure that you understand the documentation at Enable SSL communication for the Liberty profile. To set up the MobileFirst Server, see the WAS Liberty profile documentation about setting up SSL for the server at Liberty profile: SSL configuration attributes.
The application server requirements can be configured on the WAS Liberty profile in the server.xml file.
- Install a server certificate for use by the SSL channel, and configure the SSL channel.
- Add a truststore to the configuration containing a keystore with the CA certificate used to sign user certificates. Add the following element to the server.xml file:
<keyStore id="defaultTrustStore" location="trust.jks" type="JKS" password="defaultPWD" />
- Enable the client authentication support by adding the clientAuthenticationSupported="true" attribute to the SSL element in the server.xml file.
- Access the operations console over SSL. We are presented with a trusted website that asks for an optional user certificate.
Parent topic: WebSphere Application Server and Liberty profile requirements