Importing a keystore certificate into WebSphere for use with the EmailRelay service

If you configure IBM® Rational® ClearQuest® EmailRelay to use Simple Mail Transfer Protocol Security (SMTPS) as the communication protocol for your email server, you must import the signer certificate for your email server. Then, EmailRelay can communicate with the email server over SSL using SMTPS.

Procedure

  1. Configure IBM ClearQuest EmailRelay using the cqemailrelay.pl Perl script. Set the -usessl command parameter to yes. See the last line of this code example: 
    cqperl cqemailrelay.pl -dbset EmailRelay -userdb SAMPL -username admin -password secret -serverurl https://your-cqweb-server/cqweb/oslc/ -relaycfgdir C:\CQ.EmailRelay -mode postoffice -smtpserver your.smtp.server -smtpport 465 -smtpuser you@your.smtp.server -smtppassword secret -usessl yes
  2. Add the following line to the <properties> section of the IBM ClearQuest EmailRelay configuration file: C:\CQ.EmailRelay\cqemailrelay_cfg.xml: <property key="mail.smtps.ssl.protocols" val="SSLv3"/>
  3. Use the IBM WebSphere® administrative console to log in to the WebSphere Application Server profile on which you have ClearQuest deployed. Complete these steps:
    1. Log in to WebSphere at http://localhost:12060/ibm/console/. If your ClearQuest Web server uses a different port, specify that port instead.
    2. Expand Security, and then click SSL certificate and key management.
    3. Under the Configuration settings section, click Manage endpoint security configurations.
    4. Under Local Topology, expand Outbound, expand dfltCell, expand nodes. Click dfltNode.
    5. Under the Related Items section, click Key stores and certificates.
    6. Click NodeDefaultTrustStore.
    7. Under the Additional Properties section, click Signer certificates.
    8. Click Retrieve from port.
    9. In the Host field, enter your email server name or IP address. In the Port field, enter the port that your email server is listening on. In the Alias field, specify a name for this certificate so that you can identify it.
    10. Click Retrieve signer information, and then verify that the certificate information is correct.
    11. Click OK. In the Messages section, click Save.
    12. Restart the WebSphere profile for the change to take effect.
Parent topic: Configuring the ClearQuest EmailRelay application
Feedback