Making server certificates available to clients
The following is a summary of the steps required to make a certificate available to download
clients that connect securely to the Redirector or any other telnet server.
- If the clients connect to a server, obtain a copy of the server's certificate.
The Redirector's certificate can be extracted directly when created or received
in Certificate Management.
- Add the certificate to the certificate container, CustomizedCAs.p12 (if it exists) and
- Make CustomizedCAs.p12 or CustomizedCAs.class available to clients.
Take the following steps to do this using the Certificate Management utility:
- On a Windows server, click Start > Programs > IBM WebSphere Host On-Demand >
Administration > Certificate Management.
- Open the CustomizedCAs.p12 file using the password hod.
||Starting with Host On-Demand Version 8, you can no longer create or update
CustomizedCAs.class using the Certificate Management utility (IKEYMAN) on Windows and AIX platforms.
The utility only allows you to create or update a newer version of this file
called CustomizedCAs.p12. In order to update CustomizedCAs.class, you
must run a reverse-migration tool. For more information, refer to
Migrating from CustomizedCAs.class to CustomizedCAs.p12.
- Select Signers from the drop-down list and click the Add button.
- Enter the location of the file where the server certificate has been extracted.
- Enter a label for the certificate and click OK.
- Make sure that the certificate label is visible in the list of signers.
- On an AIX server, enter CertificateManagement from a command prompt. The default
location of the AIX script is /usr/opt/hostondemand/bin. Please refer to
Running Certificate Management on AIX.
- Follow the instructions in the Help for making certificates available to clients.
- Exit Certificate Management.
When you have finished working with certificates, you must
configure the Host On-Demand clients to use SSL.