Setting SSL Certificate Settings

Use the SSL Certificates menu to bring up the screen where you define and manage a JKS Keystore. The Keystore holds trusted certificates for client/server authentication.

Defining a Keystore

To define a keystore:

  1. In Client 0, edit the RA Web Service Agent solution Agent object.
  2. Select the Web Service tab and the SSL Certificate menu item on the left side of the screen.
  3. Enter a keystore and password in the Keystore and Password fields in the SSL Certificates box.

    4. You can browse to the keystore using the browse icon.

  4. Save and close the Agent definition.
  5. Stop and restart processes for the RA Web Service Agent solution Agent.
  6. Open your RA Web Service Agent solution Agent object again and reselect Web Service tab and SSL Certificate menu item.

    7. The certificates for the keystore will be listed in the Certificates table.

  7. From the Certificates table, you can:
    • Import a certificate
    • Export a certificate
    • Delete a certificate

Using the Default Jave Keystore

The default java keystore (cacerts) can also be used. For example:

keytool -import -v -alias Name -file C:\keys\Certificate.der -keystore C:\Program Files\Java\jdk1.8.0_91\jre\lib\security\cacerts

The version of Java should correspond to the one the RA Web Service Agent solution Agent is started with in case there is more than one Java version available on the server.

Exporting a Certificate from the Web Service Keystore

To export a certificate from the Web Service Agent keystore, select the certificate and click Export. The Export Certificate dialog will appear. Enter an absolute file name you want to export the certificate to, click the OK button to start the export.

Deleting a Certificate from the Web Service Keystore

To delete a certificate from the RA Web Service Agent solution Agent keystore, select the certificate and click Delete.

Importing a Certificate into the Web Service Keystore

To import a .der certificate into the RA Web Service Agent solution Agent keystore:

  1. Enter a certificate file and alias in the Certificate File and Certificate Alias fields.

    2. You can use the browse icon to browse to the certificate file.

  2. Click Import.

Important !

You cannot import .pem certificates. Additionally, if you have a .der certificate that was converted from a .pem format, you may not be able to browse to it.

Updating the Certification Authority Password

If you updated your certification authority password outside of the RA Web Service Agent solution Agent , you need to update it in the Password field in the CA Certificates box. You must then recreate the keystore.