Update SSL Configuration for Java

MashZone NextGen Administration : MashZone NextGen Server Configuration : Configure MashZone NextGen for SSL and Digital Certificates : Update SSL Configuration for Java

With the EMML <directinvoke> statement, certificates for secure endpoints are validated against the default trust store for Java (the JRE). One-way SSL for mashable information sources may also use the default trust store for Java.

Note:

See http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CustomizingStores for more information on the default JRE trust store.

Initially, this may not be the trust store you have configured for the MashZone NextGen Server in the application server and/or the Admin Console. This can cause security errors for <directinvoke> statements or mashable information sources.

To avoid these errors, you can configure the JRE to use the trust store for the MashZone NextGen Server:

1. Open the appropriate startup script (below) for the application server hosting the MashZone NextGen Server in any text editor:

MashZoneNG-install/apache-tomee-jaxrs/bin/setenv.bat file for Windows environments

MashZoneNG-install/apache-tomee-jaxrs/bin/setenv.sh file for Linux, OS/X or UNIX environments

2. Add these system properties in the Java options in this script:

-Djavax.net.ssl.trustStore=/path/to/mashup-server/truststore: this is the absolute path to the trust store for the MashZone NextGen Server.

-Djavax.net.ssl.trustStorePassword=truststore-password: this is only required if the MashZone NextGen Server’s trust store uses a password.

3. Save your changes to the script and restart the MashZone NextGen Server. See Start and Stop the MashZone NextGen Server for instructions.

Contact Support | Community | Feedback