-
Open a Web browser and enter http://your_system:2001/ to load the IBM System Director Navigator for i5/OS Web console.
-
From the welcome page, click IBM i Tasks Page and select Digital Certificate Manager.
-
Select the Select a Certificate Store.
-
Select *SYSTEM.
-
From the left side menu, select Install Local CA Certificate on your PC.
-
Choose the Copy and Paste Certificate option.
-
Copy and paste that information to a file on your Linux system.
-
Add the Certificate to your Java keystore. The path used for the keystore is from the Java path used when installing Connect CDC. In the example below the Java path for Connect CDC is <jdk_install_path>/bin/keytool -import -keystore <jdk_install_path>/jre/lib/security/cacerts -file /home/tmp/certServerShare.arm -storepass changeit .
Keytool syntax:keytool -import –keystore <location of cacerts file> -file <location of file created from step 2> -storepass <password>
Note: The default password for the storepass parameter is “changeit” for Java unless it has been changed. The storepass parameter is not the same as the password to DCM. - If the command comes back with the message alias already exists, add –alias myalias (or other unused alias name) to the end of the keytool command.
- Enter yes for Trust this certificate?
Where the Java path for Connect CDC is “/usr/jdk1.8.0_151/bin”
[root@dobro tmp]# /usr/jdk1.8.0_151/bin/keytool -import -keystore /usr/jdk1.8.0_151/jre/lib/security/cacerts -file /home/tmp/certServerShare.arm -storepass changeit
Owner: CN=MIMIXShare, O=Share, L=Waltham, ST=Massachusetts, C=US
Issuer: CN=MIMIXShare, O=Share, L=Waltham, ST=Massachusetts, C=US
Serial number: 5a8c8078
Valid from: Mon Feb 19 15:09:28 EST 2018 until: Fri Feb 19 15:09:28 EST 2021
Certificate fingerprints:
MD5: D5:A3:45:86:2D:91:1F:64:05:F8:02:05:97:91:A4:26
SHA1: 24:64:95:D5:15:F5:6D:29:CE:29:2A:FD:71:38:3F:F8:2C:BA:97:A6
SHA256: 83:9F:F7:EB:DD:B3:CF:FF:4C:8E:17:A9:9F:EE:6F:B8:FD:6D:FA:F0:3A:73:7F:A4:1C:09:AD:8B:41:37:B6:04
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
Extensions:
#1: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
Trust this certificate? [no]: yes
Certificate was added to keystore