keystore file. This keystore contains a certificate which has a CN of ‘localhost’ with the Root of Serena Sample CA-2. This file is located in the $Tomcat\ conf directory.
1. Obtain a Certificate Authority (CA) root certificate and generated keypair certificates for the SBM hostname and the ZMF Connector hostname, signed by the CA root certificate . SBM should be configured to use two-way SSL with these certificates. Refer to the SBM documentation on Documentation Center or from the SBM interface, especially the SBM Configurator Help.
\Serena\ Business Mashups \Common\jboss405\server\default\ conf 4. Open serena.keysore with IBM's Keyman, which can be found here: http://www.alphaworks.ibm.com/tech/keyman/download .
C:\Program Files\Serena\SBM\Common\jboss405\server\default\deploy\rlc.war\WEB-INF\classes\properties\config.properties In the lines that start with sbm .ae.ws.url, change the URL to be the server's name (or load balancer name) as entered in the SSL certificate . Restart JBoss.
The issue has been seen when IIS is configured to accept client certificates for all or some SBM virtual directories ( gsoap, tmtrack, workcenter, etc. ). The SBM configuration reports shows the virtual directory/application as " SSL Negotiate Certificate ".
SBM 2009 R4 has the ability to configure SBM for SSL using the Configuration Utility or Configurator. There are limits to SSL configuration using the Configurator. More can be found on this subject in the Installation Guide.
S139238 : "This access control list is not in canonical form and therefore cannot be modified" ENH266145: Configure deletes and re-adds SSL certificate every time the Apply is done. Other Issues with Configurator
