Before you can consume your web services using HTTPS, you need to get the consumer to trust the self-signed certificate you created and installed on your IIS. The reason is that self-signed certificates are not signed by any certificate authority, so the consumer has no way to verify the identity of the certificate.
The first step is to export the certificate out of IIS so you can import it into your IBM i or Windows server.
Go to the Server Certificates screen.
Select the DotNetServicesSSLCertificate you created earlier, then choose Export from the Actions pane on the right.
Fill out the Export to field – this should be where you want to export the certificate to. The filename should have a .pfx extension. If you are going to import the certificate to your IBM i certificate store, export it to your IBM i's IFS.
The next step is to configure either your Windows or IBM i server to trust this self-signed certificate.
Configuring Windows to Trust the Self-Signed Certificate
Configuring Your IBM i to Trust the Self-Signed Certificate
