Enable SSL for Watson Content Hub integration


Enable SSL using the WebSphere Application Server administrative console

  1. Open the WebSphere Application Server administrative console.

  2. Expand...

      Security | SSL certificate and key management | Related Items section | Key stores and certificates

  3. Enable TLS 1.2.

    If we are using a single node environment, expand...

      Security | SSL certificate and key management | SSL configurations | NodeDefaultTrustStore | Quality of protection (QoP) settings

    If we are using a clustered environment (including IBM Commerce on Cloud) that is managed by the deployment manager (DMGR),

      Security | SSL certificate and key management | SSL configurations | CellDefaultTrustStore | Quality of protection (QoP) settings

    To enable TLS 1.2, select...

      General Properties | SSL_TLSv2 protocol

  4. Restart the server to apply the security changes.

  5. Import the SSL certificates.

    If we are using a single node environment, expand...

      Security | SSL certificate and key management | Key stores and certificates | NodeDefaultTrustStore | Signer Certificates

  6. If we are using a clustered environment (including IBM Commerce on Cloud) that is managed by the deployment manager (DMGR), expand...

      Security | SSL certificate and key management | Key stores and certificates | CellDefaultTrustStore | Signer Certificates

  7. Click Retrieve from port and enter the following information.

    Parameter Parameter
    Host my.digitalexperience.ibm.com
    Port 443
    SSL configuration for outbound connection NodeDefaultSSLSettings
    Alias Watson Content Hub

  8. Click Retrieve signer information.

  9. Select OK and save our changes.


Enable SSL using the command line

  1. Go to Watson Content Hub: https://www.digitalexperience.ibm.com.

  2. Log on to Watson Content Hub.

  3. In the web browser address bar, click the security icon, the arrow next to the web address, and then click More Information...

  4. Click...

      View Certificate | Details tab

    The certificates are displayed:

  5. For each certificate, click the certificate name, click Export, and save the certificate to your file system.

  6. Merge all the saved certificates into one certificate file.

    1. Create a new certificate file in a text editor. For example, name the file wwwdigitalexperienceibmcom.crt.

    2. Copy the contents of each certificate file to the new file. For example, your new merged certificate file will resemble the following format: 

        -----BEGIN CERTIFICATE-----
VeriSignClass3PublicPrimaryCertificationAuthority-G5_certificate
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
SymantecClass3SecureServerCA-G4_certificate
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
wwwdigitalexperienceibmcom_certificate
-----END CERTIFICATE-----

    3. Save our changes to the file.

  7. Copy the new certificate file to the application sever.

      docker cp certificate_file docker_name:/opt/WebSphere/AppServer/profiles/profile_name/config/cells/cell_name/nodes/node_name

    For example:

      docker cp wwwdigitalexperienceibmcom.crt bvt_app_1:/opt/WebSphere/AppServer/profiles/default/config/cells/localhost/nodes/localhost

  8. Import the certificate.

      keytool -importcert -file certificate_file -keystore trust.p12 -storepass ibmkey -storetype PKCS12 -noprompt -alias wch

    For example:

      keytool -importcert -file wwwdigitalexperienceibmcom.crt -keystore trust.p12 -storepass ibmkey -storetype PKCS12 -noprompt -alias wch


What to do next

After enabling the integration, we can manage content in the Watson Content Hub.

Wou can work with its content in the Catalogs tool, by selecting the Watson Content Hub.

Previous topic: Configure the Watson Content Hub transport method
Next topic: Optional: Enable the Watson Content Hub store function