certAlias = "default"
newKeyStorePassword = "WebAS"
# Step 1: Generate a new certificate
print "Generating new certificate..."
#AdminTask.createChainedCertificate('-keyStoreName CellDefaultKeyStore -certificateAlias newCertificate -certificateSize 2048 -certificateCommonName localhost -certificateOrganization ibm')
AdminTask.renewCertificate('-keyStoreName CellDefaultKeyStore -certificateAlias default')
# Step 3: Save the configuration
print "Saving the configuration..."
AdminConfig.save()
print "Certificate renewal completed."
run it with command:
./wsadmin.sh -lang jython -f renew_certificate.py
Ref: https://www.ibm.com/docs/en/was/8.5.5?topic=tool-personalcertificatecommands-command-group-admintask-object#rxml_atpersonalcert__cmd19
or you can try another script on WAS9
certAlias = "default"
newKeyStorePassword = "new_password"
# Step 1: Generate a new certificate
print "Generating new certificate..."
AdminTask.regenerateKeyAndCertificate('[-alias ' + certAlias + ' -keyStoreName CellDefaultKeyStore -keyStoreScope (cell):' + AdminControl.getCell() + ' -keyStorePassword ' + newKeyStorePassword + ' -keySize 2048 -commonName CN=mycell.mycompany.com -defaultValidityPeriod 365 -renewInDaysBeforeExpiration 30]')
# Step 2: Propagate the new certificate to all nodes
print "Propagating the new certificate..."
AdminTask.propagateKeyRingCertificates('[-keyStoreName CellDefaultKeyStore -keyStoreScope (cell):' + AdminControl.getCell() + ' -keyStorePassword ' + newKeyStorePassword + ']')
# Step 3: Save the configuration
print "Saving the configuration..."
AdminConfig.save()
print "Certificate renewal completed."