Configuring Truststores using Template
You can configure Truststores using the following Command Central template:
sagcc exec templates composite import -i truststore.yaml
sagcc exec templates composite apply trustStoreAlias nodes=local truststore.location=trustStoreLocation
truststore.password=trustStorePassword
Sample truststores configuration template
alias: trustStoreAlias
description: API Gateway trust store creation
layers:
runtime:
templates: trustStore-Template
templates:
trustStore-Template:
products:
integrationServer:
default:
configuration:
OSGI-IS_apigateway-WmAPIGateway:
COMMON-TRUSTSTORES:
COMMON-TRUSTSTORES_testTrustStore:
Truststore:
'@alias': testTrustStore
Description: Test truststore for command central
Type: JKS
Provider: SUN
Location: ${truststore.location}
Password: ${truststore.password}
ExtendedProperties:
Property:
- '@name': certficateAliases
$: addtrustclass1ca,addtrustexternalca,addtrustqualifiedca,baltimorecodesigningca,baltimorecybertrustca,
comodoaaaca,entrust2048ca,entrustclientca,entrustglobalclientca,entrustgsslca,entrustsslca,equifaxsecureca,equifaxsecureebusinessca1,
equifaxsecureebusinessca2,equifaxsecureglobalebusinessca1,geotrustglobalca,godaddyclass2ca,gtecybertrust5ca,gtecybertrustca,
gtecybertrustglobalca,lhca,partner1,partner2,policygateway,soneraclass1ca,soneraclass2ca,starfieldclass2ca,synapse,
thawtepersonalbasicca,thawtepersonalfreemailca,thawtepersonalpremiumca,thawtepremiumserverca,thawteserverca,
utndatacorpsgcca,utnuserfirstclientauthemailca,utnuserfirsthardwareca,utnuserfirstobjectca,valicertclass2ca,
verisignclass1ca,verisignclass1g2ca,verisignclass1g3ca,verisignclass2ca,verisignclass2g2ca,verisignclass2g3ca,
verisignclass3ca,verisignclass3g2ca,verisignclass3g3ca,verisignserverca,webm test ca
- '@name': isLoaded
$: 'true'
- '@name': fileContent
$: /u3+7QAAAAIAAAAxAAAAAgAMd2VibSB0ZXN0IGNhAAABSLIi/poABVguNTA5AAADazCCA2cwggJPo
AMCAQICBFQih6gwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhM
JoAMCAQICBDdwz7UwDQYJKoZIhvcNAQEFBQAwTjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkVxdWlmYXggU2VjdXJlMSYwJAYD
- '@name': fileName
$: cacerts
provision:
default:
runtime: ${nodes}