The client, which is the ABAP server requires the signer
portion of a personal certificate for Security Socket Layer (SSL)
communication to establish trust with the WebSphere® Application Server. You extract
the public key, which is called a signer certificate to a file, then
import the certificate into the ABAP server. You then export the ABAP
SSL certificate and import it into the WebSphere Application Server.
About this task
Signer certificates are added to a keystore on the client
side of an SSL communication to establish trust with the server. You
extract a signer certificate from the keystore to a file and then
import the signer certificate into another keystore.
Procedure
Extract the WebSphere Application
Server SSL certificate.
- Log in to the WebSphere Application
Server administrative console by pointing a browser to http://localhost:9060/ibm/console
- Go to the SSL keystore. From the administrative console,
click . The SSL
certificate and key management page opens.
- Under Related Items, click Key stores and certificates.
- On the Key stores and certificates page,
select the name NodeDefaultKeyStore. The General Properties page opens
for the NodeDefaultKeyStore.
- Under Additional Properties, click Personal
certificates.
- On the Personal certificates page,
select the check box next to default.
- Click Extract.
- On the Extract certificate page, specify
the path to store the exported certificate.
- Click Apply. The
exported certificate is stored in the file that is provided.
Import the connector application server SSL certificate.
- Start the STRUST transaction.
The Trust
Manager window opens.
- Double-click SSL client SSL Client (Anonymous) PSE
in the left pane.
- Click the Import certificate icon
in the lower left.

- Specify the name and path for the certificate to import
in the File path field. Select Binary for
the File format.
- Click the check mark to import the certificate.
- Click Add to Certificate List.
- Save the changes to the client PSE.

Extract the ABAP SSL certificate.
- Start the STRUST application.
The Trust
Manager window opens.
- Double-click SSL server Standard PSE
in the left pane.
- Double-click Own certificate to
load it into the Certificate List pane in the
lower right.
- Click the Export certificate icon
in lower left.

The Export Certificate window
opens.
- Specify the name and path for the certificate to export
in the File path field. Select Binary for
the File format.
- Click the check mark to save the certificate.

Import the ABAP SSL certificate file into the WebSphere Application Server.
- Go to the SSL truststore. From the administrative console,
click . The SSL
certificate and key management page opens.
- Under Related Items, click Key stores and certificates.
- On the Key stores and certificates page,
select the name NodeDefaultTrustStore. The General Properties page opens
for the NodeDefaultTrustStore.
- Under Additional Properties, click Signer certificates.
- On the Signer certificates page, select
the check box next to default.
- Click Add.
- Enter an alias for the signer certificate in the Alias field.
- Enter the full path to the ABAP SSL signer certificate
file in the File name field.
- Select a data type from the list in the Data
type field.
- Click Apply.