Resolve "SSL signer from target host is not found in trust store" in WebSphere

Home > Search
  by

This message can appear when doing a variety of different tasks in WebSphere, such as when attempting to stop or start the dmgr.

~]# stopManager.sh
*** SSL SIGNER EXCHANGE PROMPT ***
SSL signer from target host 10.1.2.3 is not found in trust store" in WebSphere trust.p12

 

The public certificate (aka "signer") that is not in the trust store will be displayed.

Subject DN:    CN=default, OU=FreeKB, O=FreeKB, L=Appleton, ST=WI, C=US
Issuer DN:     CN=default, OU=FreeKB, O=FreeKB, L=Appleton, ST=WI, C=US
Serial number: 123456789
Expires:       Sat Sep 08 21:52:15 CDT 2018
SHA-1 Digest   C7:EF:Fb:94:CA:55:67:E3:68:28:CA:93:94:96:50:B1:1D:D3:9D:42
MD5 Digest:    3A:B4:CE:1E:CA:A1:0B:7D:2A:16:55:EF:35:60:AE:DF

 

You will be prompted to add the public certificate to the trust store. 

Add signer to the trust store now? (y/n)

 

If you know the public certificate is trusted, select yes to add the public certificate to the trust store. You typically will want to add the public certificate to the trust store, as you may be unable to do certain things if the public certificate is not in the trust store. For example, you may be unable to start or stop the dmgr if the public certificate is not in the trust store.

~]# startManager.sh
CWPKI0022E: SSL HANDSHAKE FAILURE
CWPKI0040I: An SSL handshake failure occurred from a secure client.

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter in the box below so that we can be sure you are a human.




Comments