IBM Tivoli Monitoring > Version 6.3 Fix Pack 2 > Administrator's Guide > Securing communications
IBM Tivoli Monitoring, Version 6.3 Fix Pack 2
Import the TEPS/e certificates into the portal server keyfile database
If you have created a custom keyfile database on the computer where the portal server is installed and it contains a new self-signed or CA-signed IBM Tivoli Monitoring certificate, you must also import the certificates used by TEPS/e into the new keyfile database. This allows TEPS/e and the Tivoli Enterprise Portal Server web server plug-in to communicate internally over a secure connection.
Use the following procedure to manually import the TEPS/e certificates into the IBM Tivoli Monitoring keyfile database for the portal sever.
Procedure
- Open a command prompt (Windows) or shell (AIX or Linux).
- Set the JAVA_HOME variable as described in Set the JRE for GSKit and starting Key Manager, but do not start the GSKit Key Manager.
- Go to the lib (32-bit) or lib64 (64-bit) directory under the GSKit home directory. You can use either 32-bit of 64-bit.
install_dir/GSK8 or install_dir/GSK8_x64
install_dir\arch\gs\lib or install_dir\arch\gs\lib64
The GSKit binary is called gsk8capicmd (32-bit) or gsk8capicmd_64 (64-bit).
- Execute the following commands:
..\bin\gsk8capicmd[_64] -cert -import -db ..\..\CNPSJ\profiles\ITMProfile\config\cells\ITMCell\nodes\ITMNode\trust.p12 -pw WebAS -type pkcs12 -label root -target ..\..\keyfiles\keyfile.kdb -target_pw IBM61TIV -target_type cms -new_label root.ihs
..\bin\gsk8capicmd[_64] -cert -import -db ..\..\CNPSJ\profiles\ITMProfile\config\cells\ITMCell\nodes\ITMNode\key.p12 -pw WebAS -type pkcs12 -label default -target ..\..\keyfiles\keyfile.kdb -target_pw IBM61TIV -target_type cms -new_label default.ihs
../bin/gsk8capicmd[_64] -cert -import -db ../../../arch/iw/profiles/ITMProfile/config/cells/ITMCell/nodes/ITMNode/trust.p12 -pw WebAS -type pkcs12 -label root -target ../../../keyfiles/keyfile.kdb -target_pw IBM61TIV -target_type cms -new_label root.ihs
../bin/gsk8capicmd[_64] -cert -import -db ../../../arch/iw/profiles/ITMProfile/config/cells/ITMCell/nodes/ITMNode/key.p12 -pw WebAS -type pkcs12 -label default -target ../../../keyfiles/keyfile.kdb -target_pw IBM61TIV -target_type cms -new_label default.ihsThe password for the source or target key store might be different if you created your own keystores.
- Restart the portal server.
Parent topic:
Securing communications