Versions Compared

Old Version 11

changes.mady.by.user Chieko Sugizaki

Saved on

compared with

New Version Current

changes.mady.by.user Chieko Sugizaki

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DTPDEVEL and version 2023.2

Integration with external tools and services may require connections secured with TLS/SSL. User Administration will reject connections to external servers if the server's certificate is not trusted or unsigned by a trusted certificate authority.  To add a new trusted certificate, perform the following steps:

  1. Obtain the trusted certificate to add. These certificates can be in any format accepted by the Java keytool application.

  2. Execute the following command to import the certificate to the truststore: 
    keytool -import -alias <new unique alias> -file <certificate file> -keystore <LS_INSTALL>/app/jre/lib/security/cacerts 

  3. Enter "changeit" as the password when prompted.

  4. Confirm that you want to import the certificate when prompted.

  5. Restart User Administration to apply the changes.

To import a certificate chain, repeat steps 1-4 for each certificate in the certificate chain in order of root certificate first to end entity certificate last. 

Note
titleTruststores and Upgrades

During an upgrade, DTP retains the existing truststore found at <DTP_INSTALL>/jre/lib/security/cacerts. Because of this, if you have upgraded DTP multiple times, it's possible your truststore might not contain newly trusted certificate authorities. If your DTP requires connecting to an external server with a certificate signed by one of these newly trusted certificate authorities, you may need to manually update the truststore at <DTP_INSTALL>/jre/lib/security/cacerts.