FileNet P8 Content Search Engine, Version 5.2.1       Application server:  JBOSS Application Server   Operating systems:  AIX, Linux, Linux on System z, Solaris, Windows

Deploying a third-party certificate on the Content Platform Engine server (JBoss Application Server)

To secure the Content Platform Engine server end of the communication with another server, you need to deploy the third-party certificate that you generated on the other server into the keystore on the Content Platform Engine server.

Procedure

To deploy a third-party certificate on Content Platform Engine:

  1. Download a CA certificate from the certificate authority (CA) website and save it as cssThirdPartyCA.cer in any folder on the Content Platform Engine server, such as C:\IBM\cssKeystore.
  2. From the command line on the Content Platform Engine server, navigate to the folder where you saved the cssThirdPartyCA.cer file.
  3. On the JBoss Application Server where you deployed Content Platform Engine, determine the current configured trust keystore. For example, JBoss Application Server might be configured to use the default Java keystore cacerts at C:\Java\jre7\lib\security\cacerts.
  4. Deploy the cssThirdPartyCA.cer file to the keystore that you determined in the previous step by entering the following command. If your keystore is not the default Java cacerts, make the appropriate substitutions in the command.
    keytool -import -alias YourThirdPartyAlias 
    -keystore C:\Java\jre7\lib\security\cacerts 
    -storepass YourStorePassword -file cssThirdPartyCA.cer
  5. Verify that the certificate was deployed in the keystore by entering the following command:
    keytool -list -v keystore C:\Java\jre7\lib\security\cacerts 
    -storepass YourStorePassword
  6. To perform SSL authentication, specify the following Java system parameters on the Content Platform Engine application server. For more information about adding Java system parameters, see your application server documentation. If your keystore is not the default Java cacerts, make the appropriate substitutions in the command.
    -Djavax.net.ssl.trustStore=C:\Java\jre7\lib\security\cacerts
    -Djavax.net.ssl.trustStorePassword=YourStorePassword
  7. Restart the Content Platform Engine instances on the application server.


Last updated: October 2015
p8pin348.htm

© Copyright IBM Corporation 2013, 2015.