Google Chrome plans to distrust Symantec, GeoTrust, Thawte SSLs.   Chat Now  or    Call (888) 266-6361 to switch to a trusted SSL.
Home » SSL CSR Generation » IBM WebSphere Single Server Edition 4.0

Contact Sales


Tel: +1 (888) 266-6361
Tel: +1 (703) 581-6361

Supported Browsers:

SSL Browser


Webtrust Webtrust
EV Code Signing Certificate Authority SSL Certificate Authority
Certification Authorities

Before being able to enable SSL on WebSphere, you need to have your own certificate. This certificate can be a self-certificate for testing purpose but in any case, you should have a certificate issued by a Trusted CA. The following steps describe how to get your own certificate.

Creating a keystore

A keystore is where your private key will be saved, in a secure way, and the certificate belongs to it. This keystore can be created either with the SUN keytool or with ikeyman a tool from IBM that is distributed with WebSphere Advanced Single Server Edition 4.0.

Starting ikeyman tool

The command to start it is:
Once it is started, the following screen appears:

IBM Key Management

Specifying a keystore

From the main application, you can either use an existing keystore or create a new one. In the example below, we want to create a new keystore that will be used only by WebSphere.
In the IBM Key Management console, select the option Key Database File/New. A dialog box will appear:

Specifying  Key Store in IBM WebSphere

The options are:

Key database typeJKS
File NameThe name of the keystore. In the example: .keystore
LocationThe location of the keystore. In the example: /usr/bin/java/websphere/bin

Creating a certificate request

First, need to create a certificate request before getting your certificate. The certificate request is created in Create/New Certificate Request. A new dialog box will appear where you are asked to enter some information:

New Key Creation and Certificate Request in IBM WebSphere

The options are:

Key LabelA name that identifies the request in list screen. For instance, sitecert
Key SizeUse the default value of 2048
Common NameThis is the Fully Qualified Domain Name, this is what will be in the URL after (but not including) the 'http://' and before the next '/'.
OrganizationThe Organization name. Example Comodo
Organization UnitThe Organizational Unit. Example R&D
Locality:The city of your organization. Example New York
State/Province: The state or province of your organization. Example New York
Country: The country of your organization. Example USA
Request file name: This is the name of the file where your CSR will be created.
In the example: /usr/bin/java/websphere/bin/certreq.arm
Now click on OK to generate your request. When the request is created, a key pair is also generated (a private key only stored in the keystore and a public key stored in the certificate you receive). If the request is successfully created, a dialog should inform you about it:

Creation of SSL Certificate

You will need the contents of this file when applying for your SSL Certificate.