Skip to main content link. Accesskey S
  • Log In
  • Help
  • IBM Logo
  • IBM Connections wiki
  • All Wikis
  • All Forums
  • Home
  • Product Documentation
  • Community Articles
  • Learning Center
  • IBM Redbooks
  • API Documentation
Search
Community Articles > IBM Collaboration QuickStart for Social Business > How to use Self-Signed Certificates with IBM Connections in your Development Environment
  • New Article
  • Share Show Menu▼
  • Subscribe Show Menu▼

About the Original Author

Click to view profileIBM contributorPaul Bastide
Contribution Summary:
  • Articles authored: 9
  • Articles edited: 0
  • Comments Posted: 0

Recent articles by this author

Known Issues
This document outlines known issues with the quickstart and fixes or links to instructions. SMTP Internet Site Issue The Quickstart uses best practices to manage access to services and sites using Internet Sites Documents. The SMTP site is not updated with the new hostname of the image. You ...

Management Scripts and Commands
The IBM Collaboration QuickStart for Social Business enables developers to more easily manage the Collaboration Services and corresponding supporting services. Developers should follow the instructions for accessing the instance via SSH. The instructions are available at: ...

Adding Secure Communications to your Development Environment
IBM Connections, IBM Domino, and IBM Sametime provide Application Programming Interfaces (APIs) over HTTP. These communications can occur over an unencrypted channel such as HTTP on Port 80, or over an encrypted channel such as HTTPS on Port 443. The IBM SmartCloud for Social Business only allows ...

Getting Started with IBM Connections API via OAuth
This article focuses on the use of OAuth when developing with IBM Connections API, including administrative set up, OAuth endpoints, and URL Patterns.

Adding iWidget to My Profile for the IBM Quickstart
As a developer, one may wish to extend a user's profile using an iWidget to present relevant social artifacts from a 3rd party application. If one were using the Acme Airlines Social Sample from the IBM Social Business Toolkit, one may wish to present a user's flights in an iWidget. There are a ...
Community articleHow to use Self-Signed Certificates with IBM Connections in your Development Environment
Added by IBM contributorPaul Bastide on June 28, 2013 | Version 1
  • Edit
  • More Actions Show Menu▼
Rate this article 1 starsRate this article 2 starsRate this article 3 starsRate this article 4 starsRate this article 5 stars
expanded Abstract
collapsed Abstract
No abstract provided.
Tags: cacerts, sbtsdk, ibmsbt, sbt, certificates, quickstart
When developing an integration between IBM Connections and your Development Instance, you may be using a self-signed certificate.
You can run into issues, where the core Java components which call your webservice throw errors.

For instance your error may be:
java.io.FilePermission C:\Program Files (x86)\IBM\WebSphere\AppServer\java\jre\lib\security\cacerts read

The error means that your service is in an untrusted root (generally that's an untrusted self signed certificate - which is it's own trusted root)

You should extract the self-signed certificate from the web service. If you can get to it via browser, what you can do is, extract the certificate

Click the HTTPS lock icon infront of your webservice
Click More Information
Click Security Tab
Click View Certificate
Click Details Tab
Click Export
Give it a name like HTTP.pem


alternatively, you can use openssl to get the PEM file (mac / linux)
HOSTNAME=SERver.ibm.com
echo "" | openssl s_client -prexit -connect ${HOSTNAME}:443 2> /dev/null | sed -n -e '/BEGIN CERTIFICATE/,/END CERTIFICATE/ p' > http.pem

Copy the PEM to your Connections Server for instance c:\http.pem

Run the Keytool to import the cacerts
C:\Program Files (x86)\IBM\WebSphere\AppServer\java\bin\keytool -import -file c:\http.arm -alias HTTP -keystore "C:\Program Files (x86)\IBM\WebSphere\AppServer\java\jre\lib\security\cacerts" -storepass WebAS -storetype PKCS12 -v

You may then restart your Connections Server in order to do so.

  • Edit
  • More Actions Show Menu▼


expanded Attachments (0)
collapsed Attachments (0)
Edit the article to add or modify attachments.
expanded Versions (1)
collapsed Versions (1)
Version Comparison     
VersionDateChanged by              Summary of changes
This version (1)Jun 28, 2013 11:48:05 AMPaul Bastide  IBM contributor
expanded Comments (0)
collapsed Comments (0)
Copy and paste this wiki markup to link to this article from another article in this wiki.
Go ElsewhereStay ConnectedHelpAbout
  • IBM Collaboration Solutions wikis
  • IBM developerWorks
  • IBM Software support
  • Twitter LinkIBMSocialBizUX on Twitter
  • FacebookIBMSocialBizUX on Facebook
  • ForumsLotus product forums
  • BlogsIBM Social Business UX blog
  • Community LinkThe Social Lounge
  • Wiki Help
  • Forgot user name/password
  • Wiki design feedback
  • Content feedback
  • About the wiki
  • About IBM
  • Privacy
  • Accessibility
  • IBM Terms of use
  • Wiki terms of use