sslcertificatewebspherejythonjacl

Unable to access WebSphere Integrated Solutions Console after deleting self-signed certs


I am new to WebSphere (as you can tell by my dated username) and I have made a mistake. While trying to address security concerns in my organization I deleted the self-signed certificates in WebSphere. This seems to have caused the Integrated Solutions Console to break. Our application hosted in WebSphere is still working fine.

Is there a way to use a Jython or Jacl script to recreate these certs and configure them properly? Or is there perhaps another way to get access to the Console?

The web browser (IE) complains about TLS errors when trying to load the Console page.


Solution

  • You can create a new certificate using the createSelfSignedCertificate command from wsadmin. You'll have to run wsadmin unconnected to the server.

    So roughly

    start wsadmin eg.

    wsadmin -conntype none

    Then run the createSelfSignedCertificate task. The keystore is likely NodeDefaultKeyStore if you are on a stand alone app server or CellDefaultKeyStore if you are on a ND environment. You have to provide a management scope if running unconnected. You can get the list or management scope with the listManagementScopes command. Fill in your hostname for the certificateCommonName parameter.

    eg.

    to get the list of management scopes

    wsadmin> AdminTask.listManagementScopes()

    to create a self-signed certificate

    AdminTask.createSelfSignedCertificate('[-keyStoreName -keyStoreScope -certificateAlias -certificateCommonName -certificateOrganization ibm -certificateState us ]')

    to save the changes AdminConfig.save()