Download
Abstract
A command-line tool checks expiration dates of all SSL certificates defined in WebSphere Application Server SSL repositories. WAS versions 5.1 and 6.0 only are supported. Later v
Download Description
ACert is a command-line tool that checks the WebSphere Application Server expiration dates of all SSL certificates defined in Application Server SSL repertoires. The expiration dates of each certificate are displayed.
Checking SSL certificates can help avoid application failures due to expired SSL certificates used for authentication within the Application Server and secure communications between the Application Server and the plug-in running within a Web server.
ACert does not check the WebSphere truststore for expired certificates, only SSL certificates that are defined in SSL repertoires.
ACert does not support WebSphere Applicate Server 6.1 and later. These versions have incorporated features into the administrative console that display details SSL repertoire information, including certificate expiration dates.
History:
- 10 July 2005: Updated to reflect support for V6.0
- 13 April 2005: Updated Windows image to resolve usage issues
- 14 March 2005: Provided Windows, UNIX and iSeries unique images to simplify installation
- 10 March 2005: Revised installation instructions
- 31 March 2004: Created
Prerequisites
WebSphere Application Server V5.0, V5.1 or V6.0 installation.
Installation Instructions
To install ACert on Windows (WebSphere 5.x), unzip the file into the root directory of the WebSphere Application Server to be checked:
- For WebSphere Application Server base, unzip
ACert.zip
into the install_root directory. For example, c:\WebSphere\AppServer
- For Network Deployment, unzip into the Network Deployment nd_install_root directory.
- If there is any possibility that different certificates have been installed in other nodes, or if you are not sure whether unique certificates will be installed on some nodes, unzip ACert into those nodes as well.
Instructions for "Using JAR to open WebSphere Fix Pack zip files" are below.
To launch the tool on Microsoft Windows (WebSphere 5.x):
- Open a command window.
- Change directory to install_root\bin . If you are running ACert in a Network Deployment environment, change to the
nd_install_root\bin
directory.
- Type
launchacert.bat
and pressEnter
.
- Note: In previous versions of ACert, a mistake in the bat file prevented it from launching correctly, particularly if WebSphere installed in a directory containing blanks in the directory name (such as Program Files). The phrase
com.ibm.ws.bootstrap.WSLauncher ACert %"WAS_HOME"%
orcom.ibm.ws.bootstrap.WSLauncher ACert %WAS_HOME%
should read,com.ibm.ws.bootstrap.WSLauncher ACert "%WAS_HOME%"
- On Windows, be sure to execute
launchACert.bat
.launchACert
(no file extension) is a launch script for AS/400.
To install ACert on Windows (WebSphere 6.x), unzip the file into the profile directory of the profile to be checked:
- For example, c:\WebSphere\AppServer\profiles\dmgr
- If there is any possibility that different certificates have been installed in other profiles or other nodes, or if you are not sure whether unique certificates will be installed on some nodes, unzip ACert into those nodes or profiles as well.
Instructions for "Using JAR to open WebSphere Fix Pack zip files" are below.
To launch the tool on Microsoft Windows (WebSphere 6.x):
- Open a command window.
- Change directory to install_root\profiles\profile_namebin .
- Type
launchacert.bat
and pressEnter
.
- Note: In previous versions of ACert, a mistake in the bat file prevented it from launching correctly, particularly if WebSphere installed in a directory containing blanks in the directory name (such as Program Files). The phrase
com.ibm.ws.bootstrap.WSLauncher ACert %"WAS_HOME"%
orcom.ibm.ws.bootstrap.WSLauncher ACert %WAS_HOME%
should read,com.ibm.ws.bootstrap.WSLauncher ACert "%WAS_HOME%"
- On Windows, be sure to execute
launchACert.bat
.launchACert
(no file extension) is a launch script for AS/400.
To install ACert on UNIX (WebSphere 5.x), unjar the file into the root directory of the WebSphere Application Server to be checked:
- For WebSphere Application Server base, copy the jar file
ACertUnixWAS5.jar
into the install_root directory, such as/usr/WebSphere/AppServer
, then
- Unjar using the
jar -xvf ACertUnixWAS5.jar
command.
- For Network Deployment, unjar into the Network Deployment nd_install_root directory.
- If there is any possibility that different certificates have been installed in other nodes, or if you are not sure whether unique certificates will be installed on some nodes, unjar
ACertUnixWAS5.jar
into those nodes as well.
To install ACert on UNIX (WebSphere 6.x), unjar the file into the profile directory of the WebSphere Application Server to be checked:
- For example, copy the jar file
ACertUnixWAS6.jar
into/usr/WebSphere/AppServer/profiles/dmgr
, then
- Unjar using the
jar -xvf ACertUnixWAS6.jar
command.
- If there is any possibility that different certificates have been installed in other nodes or profiles, or if you are not sure whether unique certificates will be installed on some nodes, unjar
ACertUnixWAS6.jar
into those nodes or profiles as well.
To launch ACert on UNIX (WebSphere 5.x):
- Open a shell window.
- Change directory to
install_root/bin
. If you are running ACert in a Network Deployment environment, change to thend_install_root/bin
directory.
- Make the script executable using
chmod +x launchACert.sh
,
- Type
./launchACert.sh
and pressEnter
.
To launch ACert on UNIX (WebSphere 6.x):
- Open a shell window.
- Change directory to
install_root/profiles/profile_namebin
. If you are running ACert in a Network Deployment environment, change to thend_install_root/bin
directory.
- Make the script executable using
chmod +x launchACert.sh
,
- Type
./launchACert.sh
and pressEnter
.
To launch ACert on iSeries:
- Open a shell window.
- Unjar the contents of the
ACertISeries.jar
file to/QIBM/ProdData/WebAS5/Base
. This will result in the ACert class file going under the classes subdirectory and the UNIX, windows and iSeries scripts being placed in the bin subdirectory.
- (Optional) Customer can delete
/QIBM/ProdData/WebAS5/Base/bin/launchACert.sh
andlaunchACert.bat
files.
- Enter the QShell environment by typing
STRQSH
on an OS/400 command line and pressEnter
.
- Type
cd /QIBM/ProdData/WebAS5/Base/bin
and pressEnter
.
- Type
launchACert -instance myinst
and pressEnter
.
Technical Support
1-800-IBM-SERV (US calls only)
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg24006797