Category Archives: Security

IKEYMAN commands

./jre17/bin/ikeycmd -cert -list -db ./keystore.jks -pw password   ./jre17/bin/ikeycmd -cert -details -label “mycert.ibm.com” -db ./keystore.jks -pw password   ./jre17/bin/ikeycmd -cert -delete -label “mycert.ibm.com” -db ./keystore.jks -pw password   ./jre17/bin/ikeycmd -cert -receive -file mycert.cer -db ./keystore.jks -pw password -format ascii Advertisements

Posted in Security | Tagged ,

OpenSSL and Keytool basic commands

Create a self-signed certificate: openssl  req  -x509  -nodes  -newkey rsa:2048  -days 365  -keyout mykey.key \ -out mycert.crt  -subj “/C=US/ST=Chicago/L=Town/O=Abc Inc/CN=example.com“ Generate a CSR and private key: openssl req -new -nodes -newkey rsa:2048  -keyout mykey.key \ -out mycert.csr –subj “/C=OM/ST=Muscat/L=Muscat/O=Abc/OU=IT/CN=abc.com“ Generate a self-signed … Continue reading

Posted in LFCE, LFCS, Linux, Security

Encode passwords in property and response files using WebSphere utilities

You can run PropFilePasswordEncoder and ResponseFilePasswordEncoder utilities in WebSphere Application Server to encode the property and response file passwords. Encode passwords in WebSphere property files: USAGE:  PropFilePasswordEncoder  file_name  password_properties_list  [-Backup/-noBackup] EXAMPLE: <was_home>/bin/PropFilePasswordEncoder  <profile_root>/properties/soap.client.props   com.ibm.SOAP.loginPassword  -Backup Encode passwords in WebSphere response … Continue reading

Posted in Security, WebSphere Application Server | Tagged , | Leave a comment

Best practices for creating and securing a page and portlet hierarchy

Follow these best practices for creating and securing a page and portlet hierarchy: Organize the hierarchy to permit security through inheritance. Assign roles NO higher than Privilege User role to average portal user. Lock container content to prevent users from … Continue reading

Posted in Security, WebSphere Portal | Leave a comment

All the signer certificates must exist in the key database error while adding a cert into keystore

Usually the public certificate is sent in the following format: —–BEGIN CERTIFICATE—– MIIGGTCCBcOgAwIBAgIKIB35vgACAAAAnjANBgkqhkiG9w0BAQUFADBAMQswCQYD VQQGEwJTRzExMC8GA1UEAxMoVEVTVFNQIEVudGVycHJpc2UgU3Vib3JkaW5hdGUg —–END CERTIFICATE—– You may need to save the contents into a file such as cert-base64.arm. When you add the certificate under Signer Certificates into a keystore, … Continue reading

Posted in Security, Web Server | Leave a comment

Creating Custom Secure Sockets Layer (SSL) Key Files for WAS V6.0 using a CA Certificate

Please follow the IBM technote: http://www-01.ibm.com/support/docview.wss?uid=swg21246253

Posted in Security, WAS, Web Server, WebSphere Portal

Configuring WebSphere Portal v6.1 to use samAccountName as the login

I was able to resolve the issue by removing the following line from wimconfig.xml file: <config:loginProperties>cn</config:loginProperties> OR <config:loginProperties>uid</config:loginProperties> But note that you need to map sAMAccountName in AD with uid in WP.    

Posted in Active Directory, Security, WebSphere Portal | Leave a comment