Setting up Sametime Gateway to use a new certificateAdded by IBM | Edited by Mary Jrolf on October 30, 2013 | Version 20 (Show original)
|Set up IBM® Sametime® Gateway server to use the new certificates.
Set up IBM
® Gateway server to use the new certificates.
1. Log in to the Integrated Solutions Console as the WebSphere administrator.
2. Apply the new certificate to the Gateway Server's Inbound node:
- Click Security > SSL certificate and key management > Configuration settings > Manage endpoint security configurations.
- Expand the Inbound node, and then expand all levels nested within Nodes.
- In the tree view, click the Sametime Gateway server.
- On the Configuration page, look in the Specific SSL configuration for this endpoint section and select Override inherited values if this option is available.
- Select NodeDefaultSSLSettings in the SSL configuration list.
- Click Update certificate alias list.
- Select the certificate alias from the Certificate alias in key store list that you specified when you received the certificates from the CA.
- Click Apply.
- Save the change to the master configuration by clicking Save in the "Messages" box.
3. Apply the certificate to the Outbound node by repeating step 2.
4. Now set up the SSL configuration:
- From the Integrated Solutions Console, click Security > SSL certificate and key management > SSL Configurations.
- Click NodeDefaultSSLSettings.
- Click Get certificate aliases.
- Select your certificate alias as the default server certificate alias.
- Select your certificate alias as the default client certificate alias.
- Click Apply, and then Save.
Parent topic: Setting up SSL on a single server
Previous topic: Importing a signed certificate issued into the keystore
Next topic: Replacing and renewing a certificate for a single Gateway server
Starting the Sametime System Console
5. Restart the Sametime
Gateway server or cluster:
- For a standalone: the single Java™ process.
- For a cluster configuration: restart the following components:
- Deployment manager
- All Sametime Gateway nodes
- All XMPP proxy servers
- All SIP proxy servers
You do not need to restart the node agents.