Unable to access WebSphere Integrated Solutions Console after deleting self-signed certs

820 views Asked by At

I am new to WebSphere (as you can tell by my dated username) and I have made a mistake. While trying to address security concerns in my organization I deleted the self-signed certificates in WebSphere. This seems to have caused the Integrated Solutions Console to break. Our application hosted in WebSphere is still working fine.

Is there a way to use a Jython or Jacl script to recreate these certs and configure them properly? Or is there perhaps another way to get access to the Console?

The web browser (IE) complains about TLS errors when trying to load the Console page.

2

There are 2 answers

1
Alaine On BEST ANSWER

You can create a new certificate using the createSelfSignedCertificate command from wsadmin. You'll have to run wsadmin unconnected to the server.

So roughly

start wsadmin eg.

wsadmin -conntype none

Then run the createSelfSignedCertificate task. The keystore is likely NodeDefaultKeyStore if you are on a stand alone app server or CellDefaultKeyStore if you are on a ND environment. You have to provide a management scope if running unconnected. You can get the list or management scope with the listManagementScopes command. Fill in your hostname for the certificateCommonName parameter.

eg.

to get the list of management scopes

wsadmin> AdminTask.listManagementScopes()

to create a self-signed certificate

AdminTask.createSelfSignedCertificate('[-keyStoreName -keyStoreScope -certificateAlias -certificateCommonName -certificateOrganization ibm -certificateState us ]')

to save the changes AdminConfig.save()

0
Tommy On

If you just need to get into the console you can disable security in /config/cells/../security.xml

Just set "enabled=false" and restart the server. Using the console to create a new certificate should be easier than using wsadmin