IBM BPM, V8.0.1, All platforms > Authoring services in Integration Designer > Services and service-related functions > Access external services with adapters > Configure and using adapters > IBM WebSphere Adapters > Enterprise Content Management > Plan for adapter implementation

Support for secured HTTP communication with CMIS server

IBM WebSphere Adapter for Enterprise Content Management supports secured HTTP communication with CMIS server.

To enable secured HTTP communication, perform the following tasks:

  1. Enable the enterprise metadata discovery with secured HTTP communication configuration. See Configuration for enterprise metadata discovery with secured HTTP communication.
  2. Enable IBM Process Server with secured HTTP communication. See Enabling secured HTTP communication on IBM Process Server.


Configuration for enterprise metadata discovery with secured HTTP communication

Use IBM Integration Designer to configure the enterprise metadata discovery with secured HTTP communication.

To configure enterprise metadata discovery for HTTPS communication, perform these tasks:

  1. Extract the certificate used by the CMIS server for communicating with external clients.
  2. Import the extracted certificate to IBM Integration Designer truststore.
    1. Open ikeyman <intall_root>/java/jre/bin.

    2. Select Key Database File > Open.

    3. Select PKCS12 as the Key database type.

    4. Click Browse, to navigate to <INSTALL_ROOT>/runtimes/bi_v7_stub/etc/trust.p12 file.

    5. Click OK, to open the truststore.

    6. Enter the password as WebAS.

    7. Select Signer Certificates under Key database content.

    8. Click Add.

    9. Click Browse, to select and add the extracted certificate.

    10. Click OK.

    11. Enter a label for the certificate in the Enter a Label window.

    12. Click OK. Now the certificate is added.
    13. Close ikeyman.

  3. If the certificate uses host name, make an entry with the host name and IP address in the C:\Windows\system32\drivers\etc\hosts file.

  4. When creating a New External Service, in the Specify the Discovery Properties window, for the Connection properties, select the Connection as https, specify the host name and the secure port number (for IBM WebSphere Application Server, the default port is 9443).


Enabling secured HTTP communication on IBM Process Server

You can import the secured HTTP CMIS communication certificates into IBM Process Server by using one of these two options:


Option 1: Using iKeyman

  1. Open ikeyman <profile_root>/jdk/jre/bin.

  2. Select Key Database File > Open.

  3. Select PKCS12 as the Key database type.

  4. Click Browse, to navigate to <profile_root>/profiles/profilename/config/cells/cellname/nodes/nodename/trust.p12 file.

  5. Click OK, to open the truststore.

  6. Enter the password as WebAS.

  7. Select Signer Certificates under Key database content.

  8. Click Add.

  9. Click Browse, to select and add the extracted certificate.

  10. Click OK.

  11. Enter a label for the certificate in the Enter a Label window.

  12. Click OK. Now the certificate is added.
  13. Close ikeyman and restart IBM Process Server.


Option 2: Using administrative console

  1. Start IBM Process Server.
  2. Open the Administrative Console.

  3. Select Security > SSL certificate and key management.

  4. Select SSL configurations.

  5. Select the NodeDefaultSSLSettings option.

  6. Select SSL keystores.

  7. Choose NodeDefaultTrustStore.

  8. Select the Signer certifications option.

  9. Click Retrieve from port, and enter the server details from where the certificate needs to be downloaded.

  10. Click Retrieve signer information. This displays the certificate details.

  11. Click Apply.

  12. Click Save, to confirm the changes.
  13. Restart the IBM Process Server with the new trust certificate.

Plan for adapter implementation