Update SSL Configuration for Java

For the data acquisition using HTTPS, certificates for secure endpoints are validated against the default trust store for Java (JRE).

For more information on the default JRE trust store, see http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CustomizingStores.

Initially, this may not be the trust store you have configured for the MashZone NextGen Server in the application server. This can cause security errors for information sources.

To avoid these errors, you can configure the JRE to use the trust store for the MashZone NextGen Server.

Procedure

  1. Open the application server configuration file MashZoneNG-install/apache-tomcat/conf/wrapper.conf in a text editor of your choice.
  2. Add the following Java system properties:

    wrapper.java.additional.<n+1>=-Djavax.net.ssl.trustStore=/path/to/mashup-server/truststore

    This is the absolute path to the trust store for the MashZone NextGen Server.

    wrapper.java.additional.<n+2>=-Djavax.net.ssl.trustStorePassword=truststore-password

    This is only required if the MashZone NextGen Server’s trust store uses a password.

    Where n is the number of last additional Java parameter.

  3. Save your changes to the script and restart the MashZone NextGen Server. See Start and Stop the MashZone NextGen Server for instructions.