If you are configured to use TLS between the SIP Edge proxy
and the Sametime® SIP
Proxy/Registrar, then you need to exchange certificates between two
servers.
About this task
These instructions are for the default certificate. This
certificate is meant for internal communications (not meant to act
as a CA). Exchange the root certificates between WebSphere® proxy servers so that you can
change the personal certificate without any impact on communication
between the SIP Edge proxy and the SIP Proxy/Registrar.
Procedure
- Follow these instructions to extract the root certificate
from the WebSphere proxy
server that operates with the SIP Edge proxy cluster:
- In the WebSphere Application
Server administrative console hosting the WebSphere proxy server that operates with
the SIP Edge proxy cluster, click .
- Select CellDefaultTrustStore.
- Click Signer certificates.
- Select the root certificate.
- Click Extract.
- Specify the file name and click OK.
- Copy the extracted certificate to a location from which
the WebSphere proxy server
that operates with the SIP Proxy/Registrar cluster can retrieve the
file.
- Follow these instructions to import the SIP Edge proxy's
root certificate into the SIP Proxy/Registrar:
- In the WebSphere Application
Server Integrated Solutions Console hosting the WebSphere proxy that operated with the
SIP Proxy/Registrar, click .
- Click .
- Click Add.
- In the Alias field, type a description
for the certificate (for example, sip-edge-proxy-root-cert).
In the File name field, type the path to the
certificate file.
- Click OK.
- Click Save.
- Stop and restart all WebSphere Application
Server processes hosting the SIP Proxy/Registrar.
Note: The instructions for importing the SIP Proxy/Registrar's
root certificate into the SIP Edge proxy server are similar.