Cisco Cisco Prime Service Catalog 10.0 Technical References
5-53
Cisco Prime Service Catalog 10.0 Configuration Guide
OL-31034-01
Chapter 5 System Administration
Configuring SSL for Service Link Inbound Documents
Step 9
Click OK.
Step 10
Click Save directly to the master configuration.
Step 11
Restart the WebSphere server where Service Link is deployed.
Step 12
Look in the log file “SystemOut.log” for messages similar to the following, to ensure that the WebSphere
server has started up in secure port (i.e. port 9443):
server has started up in secure port (i.e. port 9443):
TCPC0001I: TCP Channel TCP_4 is listening on host * (IPv4) port 9443.
CHFW0019I: The Transport Channel Service has started chain WCInboundDefaultSecure.
Your Service Link service is now SSL-enabled, and is using the “servicelink” certificate that you
imported from file “slkeystore.jks”.
imported from file “slkeystore.jks”.
Step 13
If you decide to disable the nonsecure port for the Service Link service, send file “slsigner.cer” (that you
created at the beginning of this chapter) to the system administrator who manages the external system.
That file contains the signer certificate for the “servicelink” certificate. It must be imported into the
truststore of the external system, so that the external system can establish a trusted handshake with the
Service Link service during SSL connection. In addition, the external system needs to connect to the
https URL of the Service Link application. For example, previously, the Service Link URL may look
like “http://<servername>:9080/ IntegrationServer/ ishttplistener/<agent_name>”. The URL must now
be changed to “https://<servername>:9443/IntegrationServer/ishttplistener/<agent_name>”.
created at the beginning of this chapter) to the system administrator who manages the external system.
That file contains the signer certificate for the “servicelink” certificate. It must be imported into the
truststore of the external system, so that the external system can establish a trusted handshake with the
Service Link service during SSL connection. In addition, the external system needs to connect to the
https URL of the Service Link application. For example, previously, the Service Link URL may look
like “http://<servername>:9080/ IntegrationServer/ ishttplistener/<agent_name>”. The URL must now
be changed to “https://<servername>:9443/IntegrationServer/ishttplistener/<agent_name>”.
Step 14
If you have not created the file “slsigner.cer”, you can do so now, by performing the following procedure:
a.
Navigate back to the Key stores and certificates > NodeDefaultKeyStore > Personal certificates
page.
page.