Open the script located at MS_home/bin/security_cert.sh
with a text editor. This is the content of the script: #!/bin/sh
# (C) Copyright IBM Corp. 2005 All Rights Reserved.
#
# US Government Users Restricted Rights - Use, duplication or
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
#
# Note: This script requires $JDK_HOME to be defined and it requires
# JDK_HOME/bin/keytool to be present. This keytool is available in FULL JDK
# versions and may not be available in JRE versions of the install
# PLEASE DEFINE JDK HOME
JDK_HOME=/opt/IBM/WebSphere/AppServer6/java
PATH=${JDK_HOME}/bin:$PATH
# This script generates ALL the certificates and certificate stores required for
# ITCAMfWAS Product (DC/MS/Port Consolidator). Currently it populates
# certificates with validity of 7000 days. If you feel its too high replace
# validity period to a lower number according to your needs. Please Note: once
# limit is reached, Product will stop working when NodeAuthentication/SSL is ON
# Its your responsibility to re-generate the certificates and stores.
# Please replace ALL the certificates at DC, MS and PortCosolidator level.
# Partial replacement will NOT work
keytool -genkey -alias mgmttomgmt -keyalg RSA -keysize 1024 -sigalg MD5withRSA -validity 7000
-keypass cyanea94612 -keystore ./CyaneaMgmtStore -storepass cyanea94612 -dname
"cn=cyaneamgmt, OU=CyaneaComp, O=Cyanea, L=Oakland, ST=CA, C=US"
keytool -genkey -alias dctomgmt -keyalg RSA -keysize 1024 -sigalg MD5withRSA -validity 7000
-keypass cyanea94612 -keystore ./CyaneaMgmtStore -storepass cyanea94612 -dname
"cn=cyaneadc, OU=CyaneaComp, O=Cyanea, L=Oakland, ST=CA, C=US"
keytool -genkey -alias proxytomgmt -keyalg RSA -keysize 1024 -sigalg MD5withRSA
-validity 7000 -keypass cyanea94612 -keystore ./CyaneaMgmtStore -storepass cyanea94612
-dname "cn=cyaneaproxy, OU=CyaneaComp, O=Cyanea, L=Oakland, ST=CA, C=US"
keytool -genkey -alias proxytodc -keyalg RSA -keysize 1024 -sigalg MD5withRSA
-validity 7000 -keypass oakland94612 -keystore ./CyaneaDCStore -storepass oakland94612
-dname "cn=cyaneaproxy, OU=CyaneaComp, O=Cyanea, L=Oakland, ST=CA, C=US"
keytool -genkey -alias mgmttodc -keyalg RSA -keysize 1024 -sigalg MD5withRSA
-validity 7000 -keypass oakland94612 -keystore ./CyaneaDCStore -storepass oakland94612
-dname "cn=cyaneamgmt, OU=CyaneaComp, O=Cyanea, L=Oakland, ST=CA, C=US"
keytool -genkey -alias mgmttoproxy -keyalg RSA -keysize 1024 -sigalg MD5withRSA
-validity 7000 -keypass oakland94612 -keystore ./CyaneaProxyStore -storepass oakland94612
-dname "cn=cyaneamgmt, OU=CyaneaComp, O=Cyanea, L=Oakland, ST=CA, C=US"
keytool -genkey -alias dctoproxy -keyalg RSA -keysize 1024 -sigalg MD5withRSA
-validity 7000 -keypass oakland94612 -keystore ./CyaneaProxyStore -storepass oakland94612
-dname "cn=cyaneadc, OU=CyaneaComp, O=Cyanea, L=Oakland, ST=CA, C=US"
keytool -export -alias mgmttomgmt -keypass cyanea94612 -keystore ./CyaneaMgmtStore
-storepass cyanea94612 -file mgmttomgmt.cer
keytool -export -alias dctomgmt -keypass cyanea94612 -keystore ./CyaneaMgmtStore
-storepass cyanea94612 -file dctomgmt.cer
keytool -export -alias proxytomgmt -keypass cyanea94612 -keystore ./CyaneaMgmtStore
-storepass cyanea94612 -file proxytomgmt.cer
keytool -export -alias proxytodc -keypass oakland94612 -keystore ./CyaneaDCStore -storepass
oakland94612 -file proxytodc.cer
keytool -export -alias mgmttodc -keypass oakland94612 -keystore ./CyaneaDCStore -storepass
oakland94612 -file mgmttodc.cer
keytool -export -alias mgmttoproxy -keypass oakland94612 -keystore ./CyaneaProxyStore
-storepass oakland94612 -file mgmttoproxy.cer
keytool -export -alias dctoproxy -keypass oakland94612 -keystore ./CyaneaProxyStore
-storepass oakland94612 -file dctoproxy.cer
cp ./CyaneaMgmtStore ./CyaneaMgmtStore_Comm
cp ./CyaneaDCStore ./CyaneaDCStore_Comm
cp ./CyaneaProxyStore ./CyaneaProxyStore_Comm
keytool -keystore ./CyaneaMgmtStore_Comm -storepass cyanea94612 -import -alias mgmttodc
-file ./mgmttodc.cer
keytool -keystore ./CyaneaMgmtStore_Comm -storepass cyanea94612 -import -alias mgmttoproxy
-file ./mgmttoproxy.cer
keytool -keystore ./CyaneaDCStore_Comm -storepass oakland94612 -import -alias dctomgmt
-file ./dctomgmt.cer
keytool -keystore ./CyaneaDCStore_Comm -storepass oakland94612 -import -alias dctoproxy
-file ./dctoproxy.cer
keytool -keystore ./CyaneaProxyStore_Comm -storepass oakland94612 -import -alias proxytodc
-file ./proxytodc.cer
keytool -keystore ./CyaneaProxyStore_Comm -storepass oakland94612 -import -alias proxytomgmt
-file ./proxytomgmt.cer