Add SSL Certificate in WebSphere Application Server (WAS)

 View Only
Tue September 28, 2021 06:29 PM

Author: Pramod Sapare


Skill Level: Intermediate

Exercise caution when working on the WebSphere Admin Console

Step-by-step instructions to add a signer certificate from another server in WAS for successful SSL handshake. The screenshots included are from WAS 9.0.


  • WebSphere Application Server (the screenshots are from WAS v9.0).
  • A signer certificate from another server that needs to be added to your WAS.


  1. Login to WAS Admin Console

    Login into WAS Admin Console: https://<WAS_ADMIN_HOST>:<WAS_ADMIN_PORT>/ibm/console

  2. Navigate to certificate configuration section

    Go to Security (Left Nav) -> SSL certificate and key management and under Related Items section, click on Key stores and certificates link.

  3. Select TrustStore

    Click on NodeDefaultTrustStore

  4. Start addition of certificate

    Under Additional Properties, Click on Signer Certificates

  5. Add new signer certificate

    Click on Add button

  6. Provide certificate details

    Provide details for the certificate to be added. Then click on Apply.

    Make sure the .crt file is already copied to WAS machine, for e.g. /opt/IBM/WebSphere/Profiles/DefaultAppSrv01/etc/xxxssl.crt

  7. Check the certificate details

    The certificate details can be seen as below. Click on Save.

  8. SSL certificate is successfully added


    ! Note that a server restart is not required for these changes to take effect.


0 Favorited
0 Files