To enable SSL between IBM
® running on IBM
i and an LDAP server, import the server's trusted root certificate into the keystore file.
Before you begin
Make sure you have copied the trusted root certificate from the LDAP server into the Sametime
server's data directory. The data type should be Base64-encoded ASCII
. The file format can be .CER
About this task
Follow the steps below to import the SSL certificate into the keystore file on the Sametime
Parent topic: Importing a copy of the LDAP server's trusted root certificate
- From an IBM i command line, run the following command to start qshell:
- From qshell, run the following keytool command:
keytool -import -alias certificate_name
- certificate_name is CA.txt
- certificate_filename is also CA.txt
- keystore_password is "sametime."
Note: On IBM i versions of Sametime, the keystore is called "stkeys.jks" and uses "sametime" as the default password
- keystore_path_and_filename is stserver/data/stkeys.jks
keytool -import -alias stserver1cert
- After you have imported the certificate, use the following command to view the list of certificates in the stkeys.jks file and verify that the certificate was imported successfully:
keytool -list -storepass keystore_password
keytool -list -storepass sametime
- Press F3 to exit qshell.