Exchanging SSL Signer Certificates from Keystore to Client's Truststore

Use this procedure to exchange the SSL Signer certificates from the port. This procedure will transfer the signer certificates of the IOS server's keystore to the client's truststore

  1. Start all the servers and nodes on the IOS server-side.
  2. Navigate to Security > SSL certificate and key management > Key stores and certificates > select the truststore of the selected SSL Configuration > Signer Certificates > Retrieve from port.
  3. Provide the following details:
    Entry Value
    Host Use the IOS server’s URL or IP address.
    Port The value of this field depends on the value of the IOS server’s Client Certificate authentication on CSIv2 inbound communications.
    Host Provide a name for the signer certificate.

    Refer to the table below for the Client Certificate authentication information:

    Client Certificate authentication Port Value
    Never CSIV2_SSL_SERVERAUTH_LISTENER_ADDRESS
    Supported CSIV2_SSL_SERVERAUTH_LISTENER_ADDRESS or CSIV2_SSL_ MUTUALAUTH _LISTENER_ADDRESS
    Required CSIV2_SSL_ MUTUALAUTH _LISTENER_ADDRESS

    To obtain the port values, navigate to Servers > Websphere application servers > Click the server > Communications > expand Ports.

  4. Click Retrieve signer information.
  5. Click OK and save the changes to master configuration.