IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Expand all | Collapse all

Create keystore

  • 1.  Create keystore

    Posted Tue March 23, 2010 02:29 AM

    We have installed 8.0.1. I am trying to configure the certs for https ssl handshake
    As per IS Admin guide.

    1. create keystore files using java tool keytool. – created
    2. create keystore alias from IS admin page – this step is failing with the following error

    Error: cannot load the keystore for alias ‘keyalias’. Details: attempt to initialize keystore using location(Y:\SoftwareAG8\IntegrationServer\config\certs\XXXX.keystore) failed.

    cannot proceed further, please provide guidelines

    bsr


    #webMethods
    #Integration-Server-and-ESB
    #webMethods-Archive


  • 2.  RE: Create keystore

    Posted Tue March 23, 2010 10:04 PM

    Follow up on [url]http://techcommunity.softwareag.com/ecosystem/documentation/webmethods/wmsuite8_ga/Integration_Server_and_Process_Engine/8-0-SP1_Administering_Integration_Server.pdf[/url]

    In particular when it talks on page 215 about keyaliases. This means when you create a keystore, you store keypairs using an “alias” name for each. A keystore can have multiple keypairs.

    IS needs to know from all the certs, the alias you want to use.


    #Integration-Server-and-ESB
    #webMethods
    #webMethods-Archive


  • 3.  RE: Create keystore

    Posted Wed March 24, 2010 12:52 AM

    A good open source tool for working with keystores and the keypairs and aliases stored in them is Portecle.


    #Integration-Server-and-ESB
    #webMethods-Archive
    #webMethods


  • 4.  RE: Create keystore

    Posted Wed March 24, 2010 12:59 AM

    Portecle is quite good for keystores.

    Take a look to [url]Home for a more advanced CA tool.


    #webMethods-Archive
    #Integration-Server-and-ESB
    #webMethods


  • 5.  RE: Create keystore

    Posted Fri April 02, 2010 07:54 PM

    I created a keystore using the keytool. I imported a public .der key into the keystore in the Security → Keystore utility. It is complaining that I don’t have a valid password for one of the aliases (even though I used the alias I provided to the public key in the keystore). I even tried adding the CA into the keystore with another alias. I’ve tried referencing both and while it will allow me to ‘Submit’, it will not list any of the aliases in the keystore. Am I missing something?


    #webMethods-Archive
    #Integration-Server-and-ESB
    #webMethods


  • 6.  RE: Create keystore

    Posted Fri April 02, 2010 08:51 PM

    It seems to think that the keystore is not valid even though it accepts it. If I use a bogus password it will not accept the entry. But with the correct password it does. Still, it will not display any aliases after the submit button like the documentation says it should.


    #Integration-Server-and-ESB
    #webMethods-Archive
    #webMethods


  • 7.  RE: Create keystore

    Posted Fri December 10, 2010 04:39 PM

    I’m use also IS 8.0.1. Now I can imported a public .der key into the keystore Using KeyTool, I think that you don’t specify an alias in importing pubic key, I used command as below:
    keytool -importcert -alias mypublickey -file mypublickey.der -keystore mykeystore.jks

    But I don’t know how import .der private key to keystore, The private key is generated using webMethods’s certificatetoolkit, Please help me


    #webMethods-Archive
    #webMethods
    #Integration-Server-and-ESB


  • 8.  RE: Create keystore

    Posted Sat December 11, 2010 06:07 AM

    I have resolved the issue, I convert .der private key to pem format using below openssl command, then get key/pair by add public key to priv9.pem,
    I import key/pair to keystore by portecle 1.5
    openssl pkcs8 -in priv9.der -inform DER -nocrypt -out priv9.pem


    #webMethods-Archive
    #Integration-Server-and-ESB
    #webMethods


  • 9.  RE: Create keystore

    Posted Sat February 05, 2011 12:07 AM

    Could someone explain what the “get key/pair by add public key to priv9.pem” means? I converted my private key to .pem, but don’t understand the next step.


    #webMethods
    #webMethods-Archive
    #Integration-Server-and-ESB


  • 10.  RE: Create keystore

    Posted Fri February 25, 2011 03:12 PM

    Keypair contains privatekey.pem and publickey.pem, as below for your reference.

    keypair.pem, it content as below:

    –Begin Certification—
    publickey content
    –End Certification—
    –Begin Private Certification—
    Privatekey content
    –End Private Certification—


    #Integration-Server-and-ESB
    #webMethods-Archive
    #webMethods


  • 11.  RE: Create keystore

    Posted Tue May 15, 2012 12:20 PM

    Hi,

    Could anyone please tell me how to add the public key to private key.pem file?


    Thanks,
    Ambrish.


    #webMethods-Archive
    #webMethods
    #Integration-Server-and-ESB


  • 12.  RE: Create keystore

    Posted Tue May 15, 2012 05:15 PM

    Did you check the IS8.x Admin documentation that should normally cover this topic?


    #webMethods
    #Integration-Server-and-ESB
    #webMethods-Archive