To secure
the Content Platform Engine server
end of the communication with another server, you need to deploy the
third-party certificate that you generated on the other server into
the keystore on the Content Platform Engine server.
Procedure
To deploy a third-party
certificate on Content Platform Engine:
- Download a CA
certificate from the certificate authority (CA) website and save it
as cssThirdPartyCA.cer in any folder on the Content Platform Engine server, such as C:\IBM\cssKeystore.
- From the command line on the Content Platform Engine
server, navigate to the folder where you saved the
cssThirdPartyCA.cer file.
- On the WebLogic Server application server where
you deployed Content Platform Engine,
determine the current configured trust keystore. For example, WebLogic Server might be configured to
use DemoTrust (DemoTrust.jks) by default. (Note
that Oracle does not recommend using DemoTrust in a production environment.)
- Deploy the cssThirdPartyCA.cer file
to the keystore that you determined in the previous step by entering
the following command. (If your keystore is not DemoTrust, or you
are not running WebLogic 10.3 on a Windows platform,
make the appropriate substitutions in the command.)
keytool -import -alias YourThirdPartyAlias
-keystore C:\Oracle\Middeleware\WLserver_10.3\
server\lib\DemoTrust.jks -storepass YourStorePassword
-file cssThirdPartyCA.cer
- Verify that the
certificate was imported in the keystore by entering the following
command:
keytool -list -v -keystore thirdPartyServerStore -storepass YourStorePassword
- To perform SSL
authentication, specify the following Java™ system
parameters on the Content Platform Engine application
server. For more information about adding Java system parameters, see your application
server documentation. (If your keystore is not DemoTrust, or you are
not using WebLogic 10.3 on a Windows platform,
make the appropriate parameter substitution.)
-Djavax.net.ssl.trustStore=C:\Oracle\Middleware\WLserver_10.3\
server\lib\DemoTrust.jks
-Djavax.net.ssl.trustStorePassword=YourStorePassword
- Restart the Content Platform Engine instances on the application
server.