IBM Tivoli Monitoring > Version 6.3 Fix Pack 2 > Administrator's Guide > Securing communications

IBM Tivoli Monitoring, Version 6.3 Fix Pack 2

Import the TEPS/e certificates into the portal server keyfile database

If you have created a custom keyfile database on the computer where the portal server is installed and it contains a new self-signed or CA-signed IBM Tivoli Monitoring certificate, you must also import the certificates used by TEPS/e into the new keyfile database. This allows TEPS/e and the Tivoli Enterprise Portal Server web server plug-in to communicate internally over a secure connection.


Use the following procedure to manually import the TEPS/e certificates into the IBM Tivoli Monitoring keyfile database for the portal sever.


Procedure

  1. Open a command prompt (Windows) or shell (AIX or Linux).

  2. Set the JAVA_HOME variable as described in Set the JRE for GSKit and starting Key Manager, but do not start the GSKit Key Manager.

  3. Go to the lib (32-bit) or lib64 (64-bit) directory under the GSKit home directory. You can use either 32-bit of 64-bit.

    install_dir/GSK8 or install_dir/GSK8_x64

    install_dir\arch\gs\lib or install_dir\arch\gs\lib64

    The GSKit binary is called gsk8capicmd (32-bit) or gsk8capicmd_64 (64-bit).

  4. Execute the following commands:


    • ..\bin\gsk8capicmd[_64] -cert -import -db ..\..\CNPSJ\profiles\ITMProfile\config\cells\ITMCell\nodes\ITMNode\trust.p12 -pw WebAS -type pkcs12 -label root -target ..\..\keyfiles\keyfile.kdb -target_pw IBM61TIV -target_type cms -new_label root.ihs

      ..\bin\gsk8capicmd[_64] -cert -import -db ..\..\CNPSJ\profiles\ITMProfile\config\cells\ITMCell\nodes\ITMNode\key.p12 -pw WebAS -type pkcs12 -label default -target ..\..\keyfiles\keyfile.kdb -target_pw IBM61TIV -target_type cms -new_label default.ihs


    • ../bin/gsk8capicmd[_64] -cert -import -db ../../../arch/iw/profiles/ITMProfile/config/cells/ITMCell/nodes/ITMNode/trust.p12 -pw WebAS -type pkcs12 -label root -target ../../../keyfiles/keyfile.kdb -target_pw IBM61TIV -target_type cms -new_label root.ihs

      ../bin/gsk8capicmd[_64] -cert -import -db ../../../arch/iw/profiles/ITMProfile/config/cells/ITMCell/nodes/ITMNode/key.p12 -pw WebAS -type pkcs12 -label default -target ../../../keyfiles/keyfile.kdb -target_pw IBM61TIV -target_type cms -new_label default.ihs

      The password for the source or target key store might be different if you created your own keystores.

  5. Restart the portal server.


Parent topic:

Securing communications

+

Search Tips   |   Advanced Search