I was following commandline installation of CLM 6.0.5 with liberty profile (distributed environment) and I could complete the installation part of application successfully by following the ibm documents.
Also Ii have installed the IBM HTTP Server in separate server and now I need to do the SSL certificate import and handshake with the loberty profile.
The reference link which I am using here. - https://jazz.net/wiki/bin/view/Deployment/CLMDistributedSetupUsingLibertyProfile
part 1 -Create a key database and self-signed certificate for IHS
I completed these steps by below 2 Using gskcmd, command line and it was success.
On the IHS machine, Open a command terminal and cd to /bin, e.g. /opt/IBM/HTTPServer/bin, Create the key database ./gskcmd -keydb -create -db ihskeys.kdb -pw xxxxx -expire 3650 -stash -type cms Create the self-signed certificate for IHS URL ./gskcmd -cert -create -db ihskeys.kdb -label default -expire 3650 -size 2048 -dn "CN=xxxxx" -default_cert yes -pw xxxxx
But in part 2- Setup SSL Handshake between the Liberty profiles and IHS
I couldn't find any proper commandline guidance to do this through commands. From each application servers (JTS, CCM, QM, RM) I copied the default keystore files ([JAZZ_HOME]\server\liberty\servers\clm\resources\security\ibm-team-ssl.keystore) to IHS server and I need to import these keystore file to IHS kdb file through command line. I tried with various option and its getting failed.
./gskcapicmd -cert -import -db /opt/IBM/HTTPServer/ibm-team-ssl.keystore -pw ibm-team -target /opt/IBM/HTTPServer/key.kdb -target_pw ibm-team
it's giving error as invalid keystore format. Here my aim is to import these copied keystore files to IHS kdb file in personal certificate)
IHS includes two command-line certificate management tools, only the java-based "
[IHS Home]/bin/gskcmd" (aka ikeycmd) can read or write *.jks java keystores.