Problem(Abstract)
Customer can define IHS SSL virtualhost and create CMS keystore for that SSL virtualhost from WAS admin console. And WAS expiration management will automatically renew the self-signed certificate in that CMS keystore. However, the renewed self-signed certificate is not automatically propagated to the keystore in IHS webserver directory.
Resolving the problem
The typical IHS keystore and certificate management is done through Ikeyman, or GSKit command line certificate management, which is outside of WAS scope.
If key stores for IHS are managed in this way, two steps are required to have the changes take effect.
* Customer has to manually click "Copy to Web server key store directory" to make the renewed self-signed certificate take effect.
* Customer must restart IHS (changes to key stores are not picked up dynamically.
* Customer has to manually click "Copy to Web server key store directory" to make the renewed self-signed certificate take effect.
* Customer must restart IHS (changes to key stores are not picked up dynamically.
댓글 없음:
댓글 쓰기