Enable SSL connections to an Exchange server for the Common PIM portlets

 

+

Search Tips   |   Advanced Search

 

You allow Common Mail or Common Calendar to connect to an Exchange server over the WebDAV protocol with a secure SSL (HTTPS) connection by modifying the WebSphere Portal JVM to accept the Exchange server's SSL certificate and using the IBM Key Management Utility to make the certificate available to the Portal.

 

Modify the Portal JVM to accept the Exchange server's SSL certificate

To use SSL features with the mail or calendar portlet, the JVM for WebSphere Portal Server must be informed that it should accept the Exchange server's SSL certificate. To do this we need to have the certificate from the Exchange server available. The certificate can be obtained in a number of ways. The best way to obtain it is to ask the Exchange administrator to send it to you.

 

Use the IBM Key Management Utility to make the certificate available to Portal

To make the Exchange server's SSL certificate available to WebSphere Portal, use the IBM Key Management Utility (ikeyman) supplied by WebSphere Application Server to import the certificates into the necessary Java Key Store (.jks) format key storage files. Note that the WebSphere Application Server-supplied ikeyman tool is not the same as other key management tools, even though the user interface may be very similar. ikeyman supports the Java Key Store file formats necessary for WAS and WebSphere Portal, whereas other key management tools may not. See the WAS documentation for details about how to use this tool.

This is a brief overview of the steps to perform:

1. Start ikeyman, which is located in was_profile_root/bin.

2. Open...

   was_root/java/jre/lib/security/cacerts

   By default, the password for this file is changeit.

3. Select Signer Certificates, and then click Add.

4. Select Base64-encoded ASCII data as the data type, and browse to the certificate file of the Exchange server's SSL certificate. You may have to rename the certificate file so that the file extension matches the extension that ikeyman is looking for (.arm).

5. Specify a label for the new certificate.

6. Restart WAS and WebSphere Portal.

 

Parent Topic

Using the Common PIM portlets with Exchange

 

Next topic:

Using the Common PIM portlets with Exchange and Java 2 security

 

---