Network Deployment (Distributed operating systems), v8.0 > Set up intermediary services > Use the DataPower appliance manager


Add the DataPower signer certificate to the WAS default truststore to enable an SSL connection

When configuring a DataPower appliance when security is enabled, the signer certificate of the DataPower server must be added to the WAS default truststore to enable an SSL connection to be made from WAS to the DataPower server.

We can add the signer certificate of the DataPower server to the WAS default truststore to enable an SSL connection using the administrative console or by using the addSignerCertificate wsadmin command.

The DataPower signer certificate should be installed in the DataPower-root-ca-cert.pem file under the Deployment managers profile in the WAS_HOME/profiles/ <DMGR profile>/etc directory.


Procedure

  1. From the admin console, click Security > SSL certificate and key management > Key stores and certificates > CellDefaultTrustStore > Signer certificates > Add signer certificate.

  2. In the Alias box, enter an alias name in which to identify the DataPower signer certificate.

  3. In the File name box, enter the full path to the DataPower-root-ca-cert.pem file.

  4. Click Apply and Save.

    You can alternately use the addSignerCertificate wsadmin command to add the DataPower server to the WAS default truststore by entering the following: 

    wsadmin> AdminTask.addSignerCertificate('[-keyStoreName
CellDefaultTrustStore -certificateFilePath
c:/wasHomeDir/profiles/Dmgr01/etc/DataPower-root-ca-cert.pem
-certificateAlias datapower ]').

    If the DataPower-root-ca-cert.pem certificate file is not installed on the system, you can retrieve the DataPower certificate from the port using the admin console:

    1. Click Security > SSL certificate and key management > Key stores and certificates > CellDefaultTrustStore > Signer certificates > Retrieve from port.

    2. In the Host box, enter the DataPower server hostname.

    3. In the Port box, enter the port of the DataPower server.

    4. In the Alias box, enter an alias name to identify the DataPower signer certificate.

    5. Click Retrieve signer information.

    6. Verify that the certificate information is correct, then click Apply and Save


SSL communication with DataPower
Use the DataPower appliance manager

+

Search Tips   |   Advanced Search