Create the Java™ truststore
for the client and import the SOAP Gateway server
certificate into the client truststore so that the client can authenticate
the server.
To create the Java truststore
for the client and import the SOAP Gateway server
certificate:
- Create the Java truststore
for the SOAP Gateway client
(client.truststore.ks).
keytool -genkey -alias client.truststore
-dname "CN=IMS Client Truststore, OU=IBM SWG, O=IBM, C=US"
-keyalg RSA -keypass password -storepass password
-keystore "/path/to/client.truststore.ks"
- Import the SOAP Gateway server
certificate (server.keystore.cer) into the client truststore (client.truststore.ks).
Provide an alias by which the certificate is to be identified.
Important: When you import a new trusted certificate,
the alias must not yet exist in the keystore.
keytool -import -v -trustcacerts -alias server
-file "path/to/server.keystore.cer" -keystore "path/to/client.truststore.ks"
-keypass password -storepass password
The keytool utility prompts you about whether to import
the certificate to your keystore:
Owner: CN="mycompany.somewhere.com OU=IBM SWG", O=IBM, C=US
Issuer: CN="mycompany.somewhere.com OU=IBM SWG", O=IBM, C=US
Serial number: 49f91548
Valid from: 4/29/09 8:04 PM until: 7/28/09 8:04 PM
Certificate fingerprints:
MD5: 72:B3:26:F8:34:94:14:F3:30:4F:AD:6B:8C:D9:EE:FF
SHA1: E5:AD:B0:D5:EB:B8:E9:57:DB:FA:D2:CD:4D:C5:43:52:58:B2:85:77
Trust this certificate? [no]:
- Enter yes.
The
following result displays:
Certificate was added to keystore
[Saving path/to/client.truststore.ks ]