Start of change
IBM App Connect Enterprise, Version 11.0.0.2 Operating Systems: Windows, Linux


Configuring SSL or TLS for an integration node or server

You configure SSL or TLS for your IBM® App Connect Enterprise integration node or server by modifying properties in a .yaml configuration file. You also use the mqsisetdbparms command to set a password.

Before you begin

  • Start an instance of the IBM App Connect Enterprise command console. You can use the console to create a username and password by issuing the mqsisetdbparms command.

Procedure

  1. Use a YAML editor to open the .yaml configuration file for your integration node or server.

    If you do not have access to a YAML editor, you can edit the file by using a plain text editor; however, you must ensure that you do not include any tab characters, which are not accepted in YAML and would cause your configuration to fail. If choose to use a plain text editor, ensure that you use a YAML validation tool to validate the content of your file.

    For more information about working with YAML, see http://www.yaml.org/start.html.

  2. Uncomment the following lines in the .yaml file:
    #sslCertificate:   /path/to/server/PKCS.p12    # The server certificate store
    #sslPassword:      adminRestApi::sslpwd        #The server certificate password alias
  3. Specify the file path to the server certificate on your system in the line that starts adminRestApiSslCertificate For example:
    sslCertificate: /Work/ACEv11/certificates/ssl/key.p12   # The server certificate store 
  4. Save the .yaml file. The properties that you set in the .yaml file take effect when the integration node or server is started. If you modify these properties again, you must also restart the integration node or server.
  5. On the command console, issue the mqsisetdbparms command to specify the username and password for your server certificate. Ensure that you specify the resource name on the -n parameter as adminRestApi::sslpwd to match the value in the .yaml file. For example:
    mqsisetdbparms -w c:\workdir\ACEServ1 -n adminRestApi::sslpwd -u ignored -p password 
  6. Restart the integration node or server for the changes to take effect.

What to do next

When you manage your integration node or server, or the resources that are deployed to it, by using either the IBM App Connect Enterprise Toolkit or web user interface, you are prompted to enter the username and password that you have created in this task in addition to the host name and port number of the integration node or server. When you use the IBM App Connect Enterprise Toolkit to create a connection to the integration node or server, ensure that you select the Use HTTPS check box in the Create connection wizard.

bp28498_.htm | Last updated 2018-11-02 14:46:32
End of change