Create self-signed certificates using scripting
Use the Jython or Jacl scripting language to create self-signed certificates with wsadmin.
Before starting this task, wsadmin must be running. See the Start wsadmin article for more information.
We can create self-signed certificates using the scripting and AdminTask. We can run the commands in interactive or batch mode.
Interactive mode provides a way to discover the flags that we need to run the task in batch mode.
Certificates reside inside of key stores. To run the commands, you will need the name of the key store to be supplied.
Use the listKeyStore command of AdminTask to get a list of key stores. If we need a new key store, use the createKeyStore command of AdminTask.
To create a personal key store, use the following examples:
- Interactive mode:
- Jython...AdminTask.createSelfSignedCertificate ('[-interactive]')
- Jacl...$AdminTask createSelfSignedCertificate -interactive
For example...
*Key Store Name (keyStoreName): keyStore
Key Store Scope Name (keyStoreScope): *Certificate Alias (certificateAlias): newCert "Certificate Version" (certificateVersion): 3 *Key Size (certificateSize): [1024] *Common Name (certificateCommonName): localhost *Organization (certificateOrganization): workgroup
Organizational Unit (certificateOrganizationalUnit): testing cert
Locality (certificateLocality): mpls
State (certificateState):
Texas Zip (certificateZip): 78757
Country (certificateCountry): [US]
Validity Period (certificateValidDays): [365]
Create Self-Signed CertificateF (Finish) C (Cancel)
Select [F, C]: [F]
WASX7278I: Generated command line: $AdminTask createSelfSignedCertificate {-keyStoreName keyStore -certificateAlias newCert -certificateVersion 3 -certificateCommonName localhost -certificateOrganization ibm -certificateOrganizationalUnit testing -certificateLocality mpls -certificateState Texas -certificateZip 78757 } true
At the end of the output, the batch mode parameters are provided.
- Batch mode:
- Jython...AdminTask.createSelfSignedCertificate ('[-keyStoreName keyStore -certificateAlias newCert -certificateVersion 3 -certificateSize 1024 -certificateCommonName localhost -certificateOrganization ibm -certificateOrganizationalUnit testing -certificateLocality mpls -certificateState Texas -certificateZip 78757]')
- Jacl...$AdminTask createSelfSignedCertificate {-keyStoreName keyStore -certificateAlias newCert -certificateVersion 3 -certificateSize 1024 -certificateCommonName localhost -certificateOrganization ibm -certificateOrganizationalUnit testing -certificateLocality mpls -certificateState Texas -certificateZip 78757 }