A keystore contains your own private keys and certificates. In other words, these are the keys and certificates that you own, which will be used to encrypt the traffic to your WebSphere admin console and the apps running on WebSphere. A truststore contains third party certificates. In other words, this is a store of external or remote certificates that you trust, and these almost always should be certificates from a trusted certificate authority (CA).
- In the left panel of the WebSphere web console, expand Security and select SSL certificate and key management.
- Select SSL configurations.
- Select key stores and certificates.
- Select New.
- Complete the form to create a new keystore.
In this example, a keystore named myKeystore is created, and the keystore is using the DefaultKeystore.p12 file. Keystore files can be created using the keytool command. You may want to also view the keys in a keystore, to ensure the keys are still valid and have not expired.
After creating a new keystore, you will probably want to update your SSL default keystore to use your new keystore.