SSL Certificates Creation and Configuration in WebMethods Environment for Outbound

sivasubrahmanyam_chavalivenkat · January 14, 2014, 5:12pm

Hello - I am trying to establish oneway SSL with our partners during which I am facing some issues and request any suggestions and helpful points from the community.

I am using the Java KeyStore explorer 5.0 tool to create the certificates and here is what I did so far:

Created a new Keystore using Java Keystore explorer 5.0
Generated a new keypair using PKCS12 of size 2048 bits.
Generated the CSR PKCS10 and got it signed from the Certification Authorities.
Extracted the Private key from the Key pair generated and tried to use the same in the …/ssl/privatekey/ path and while testing the outbound connectivity, it was giving invalid privatekey error.
Tried to import the CA reply into the keypair but out of the 3 certificates received which certificates should we import and do I need to make any settings to make the CA reply trustable. (Currently it is giving an error message that can not trust CA reply)

Please let me know if I am missing any steps and/or configurations in the above process. Also, please share if anyone has any documentation on the step-by-step process for the same.

Thanks
Siva

rmg · January 14, 2014, 6:47pm

Please use this tool instead and check this ongoing thread:

Oliver_Maier · January 18, 2014, 5:57pm

Hi Siva,

the trust checks can be disabled in the preferences (Tools → Preferences → Trust Checks).

As for the question which one is the right certificate: KeyStore Explorer lets you import only certificates that match the key pair, so simply try all 3 and the one that works is the right one.

Regards
Oliver

rmg · January 21, 2014, 5:47pm

Thanks Oliver for the extra notes and chime in: