WebSphere Issues


How to find Websphere Portal ports on which it’s listening

Filed under: WAS, WebSphere Portal — Ishtiaque @ 8:44 pm

– WAS/WP 5-6: C:/IBM/WebSphere/wp_profile/config/cells/DefaultNode/nodes/DefaultNode/serverindex.xml

-> Search key words adminhost, defaulthost, Websphere_Portal, server1

WP v6.1-7: You can run the following commands to list the ports:

-> ConfigEngine.bat list-server-ports -DWasPassword=password

-> ConfigEngine.bat list-server-ports-by-name -DServerName=WebSphere_Portal -DwasPassword=password

– WAS 6.1-7: C:/IBM/WebSphere/wp_profile/config/cells/node1/virtualhosts.xml

-> Search keywords port=

Find WP/WAS repository or registry config in a file

Filed under: WAS, WebSphere Portal — Ishtiaque @ 8:41 pm

WAS 6.0: C:IBMQuickrwp_profileconfigcellsDefaultNodesecurity.xml

WAS 6.1: C:IBMQuickrwp_profileconfigcellsDefaultNodewimconfigwimconfig.xml


Key store and trust store in WebSphere

Filed under: Security, WAS — Ishtiaque @ 7:04 pm

A key store (in JSSE terms) stores the personal certificate, which represents the X509Certificate, public key, and private key. This is the representation of the identity of this entity.

A key store contains the personal certificates that can be used as the identity for the SSL end point referencing the key store. If more than one certificate is present, a certificate alias on the SSL configuration specifies one of the personal certificates. When an SSL connection is made (on either the client or the server side), certificates may be exchanged. The personal certificate referenced by the SSL configuration and stored in the key store is the certificate that will be used.

A keystore contains both public keys and private keys. Public keys are stored as signer certificates, while private keys are stored as personal certificates. In WebSphere Application Server, adding keystore files to the configuration is different between client and server. For the client, a keystore file is added to a file, like the sas.client.props property file. For the server, a keystore file is added through the WebSphere Application Server administrative console.

A personal certificate represents the identity of the end point and contains a public and private key for signing/encrypting data.

A trust store (in JSSE terms) stores the X509Certificate and public key only (also referred to as a signer certificate). The trust store must contain all signer certificates from all other entities that it is trusting to make connections to or with. Without the signer of the remote entity, an SSLHandshakeException occurs with a message stating “No trusted certificate found.”

A trust store contains the signer certificates which this end point trusts when either making connections (from an outbound end point) or accepting connections (for an inbound end point).

The default server truststore is called the DummyServerTrustFile.jks file. The file is located in the ${USER_INSTALL_ROOT}/etc/ directory. The default password is WebAS. It is recommended that you create a new key file and trust file if you plan to use the certificate in a production environment.



Blog at WordPress.com.