IBM BPM, V8.0.1, All platforms > Administer the IT infrastructure > Manage IBM Process Servers > Configure access to a secure application server

Installing a signer certificate in IBM Process Server trust store

Signer certificates establish the trust relationship in SSL communication. After you extract the signer certificate from WebSphere Application Server, you must add it to the IBM Process Server trust store.

Extract the signer certificate.

You must stop the IBM Process Server if it is running.


Procedure

Complete the following steps to install the signer certificate to the trust store for the IBM Process Server:

  1. Transfer the Distinguished Encoding Rules (DER) file from the preceding procedure to a file system location that is accessible to the IBM Process Server.

    For example, you can use a shared drive.

  2. On the IBM Process Server host system, go to [IBM_BPM_home]/AppServer/java/bin and invoke ikeyman.

  3. Click Key Database File > Open.
  4. Set the value of Key database type to JKS.
  5. Set the value of Location to [IBM_BPM_home]/AppServer/java/jre/lib/security.
  6. Set the value of File Name to cacerts.

  7. ClickOK.
  8. Provide a password. The default password is changeit.

  9. Click Signer Certificates > Add.

  10. Specify the location of the DER file, and then click OK.

  11. Enter a label for the certificate, and then click OK.

  12. Start IBM Process Server.

Configure access to a secure application server