Update the HTTPs Port of Platform Manager
You can update the default HTTPs port of Platform Manager to use the custom keystore, or configure a new HTTPs port (with unique alias and port number). However, if you choose to create and enable a new HTTPs port, you should disable the default HTTPs port of Platform Manager to avoid confusion.
To set up SSL communication between the local Platform Manager and Command Central
1. In the HTTPs port configuration for SPM (in the web user interface; or OSGI-SPM if you use the sagcc create configuration data CLI command), specify the following security configuration details:
Key Alias - An alias for the custom keystore.
Type - The keystore type.
Command Central supports the JKS and PKCS12 keystore types. The default is JKS.
Location - The location of the custom keystore file, for example /path/to/spmnode.jks.
Password - The password to access the custom keystore.
2. Set the SSL connection settings of the Command Central server to point to the custom truststore:
a. In the Command Central web userface go to, Home > Instances > Environments > CCE > Command Central Server.
b. On the Configuration tab, select General Properties and click Outbound SSL Connection Settings.
c. Update the truststore location to point to the custom truststore file, for example /path/to/cce-truststore.jks and specify the password to access the custom truststore.
d. Clear the Ignore host verification checkbox.
To test the SSL connection, go to the Local installation and on the Overview tab make sure that the Port field has the port number of the updated HTTPs port and Use SSL is selected. Then verify if the status of the Local installation is green.
After successfully testing the SSL communication with the local Platform Manager node, you can update the HTTPs port of each remote Platform Manager node managed by Command Central, and test that the remote Platform Manager communicates with Command Central using the custom keystore and truststore.