certAlias = "default" newKeyStorePassword = "WebAS" # Step 1: Generate a new certificate print "Generating new certificate..." #AdminTask.createChainedCertificate('-keyStoreName CellDefaultKeyStore -certificateAlias newCertificate -certificateSize 2048 -certificateCommonName localhost -certificateOrganization ibm') AdminTask.renewCertificate('-keyStoreName CellDefaultKeyStore -certificateAlias default') # Step 3: Save the configuration print "Saving the configuration..." AdminConfig.save() print "Certificate renewal completed." run it with command: ./wsadmin.sh -lang jython -f renew_certificate.py
Ref: https://www.ibm.com/docs/en/was/8.5.5?topic=tool-personalcertificatecommands-command-group-admintask-object#rxml_atpersonalcert__cmd19
or you can try another script on WAS9
certAlias = "default" newKeyStorePassword = "new_password" # Step 1: Generate a new certificate print "Generating new certificate..." AdminTask.regenerateKeyAndCertificate('[-alias ' + certAlias + ' -keyStoreName CellDefaultKeyStore -keyStoreScope (cell):' + AdminControl.getCell() + ' -keyStorePassword ' + newKeyStorePassword + ' -keySize 2048 -commonName CN=mycell.mycompany.com -defaultValidityPeriod 365 -renewInDaysBeforeExpiration 30]') # Step 2: Propagate the new certificate to all nodes print "Propagating the new certificate..." AdminTask.propagateKeyRingCertificates('[-keyStoreName CellDefaultKeyStore -keyStoreScope (cell):' + AdminControl.getCell() + ' -keyStorePassword ' + newKeyStorePassword + ']') # Step 3: Save the configuration print "Saving the configuration..." AdminConfig.save() print "Certificate renewal completed."