Creating SSL certificates from the command prompt

WAS v8.5 > Secure applications > Secure the Liberty profile and its applications > Secure communications with the Liberty profile
Creating SSL certificates from the command prompt

We can use the securityUtility command to create a default SSL certificate for use by the Liberty profile configuration.

Open a command prompt, then change directory to the wlp/bin directory.

Create an SSL certificate.
Run the following command. If we do not specify a server name or a password, the command does not run. See Liberty profile: securityUtility command.
securityUtility createSSLCertificate --server worklightServer --password your_password

Results
You have created a default keystore key.jks for the specified server. The keystore file is located under the /resources/security directory of the specified server. If a default keystore already exists, the command does not execute successfully.

What to do next
We can configure your server to use the keystore and enable the SSL in the server configuration by adding the following lines to the server configuration file:
    < featureManager>
        <feature>ssl-1.0</feature>     </featureManager> 
    < keyStore id="defaultKeyStore" password="keystore_password" /> 
See Enabling SSL communication for the Liberty profile.

See also

Liberty profile: securityUtility command
The securityUtility command supports plain text encryption and SSL certificate creation for a Liberty profile.

Parent topic: Secure communications with the Liberty profile

Reference:

Liberty profile: securityUtility command

|