Software AG Products 10.7 | Integrating On-Premises and Cloud Applications | Administering Integration Server | Configuring Integration Server for Secure Communications | Configuring SSL Information for the Integration Server JVM | Order of Precedence for the javax.net.ssl Properties
 
Order of Precedence for the javax.net.ssl Properties
Integration Server can set the javax.net.ssl properties in the JVM in various ways. For example, you can modify the custom_wrapper.conf file such that Integration Server sets the properties at start up. You can also use the JVM Keystore Alias and JVM Truststore Alias fields on the Security > Certificates page in Integration Server Administrator. Additionally, you can use server configuration parameters and a package start-up services to set the properties.
Integration Server uses the following precedence order to set the values of the javax.net.ssl properties in the JVM.
1. Package start-up service.
2. The JVM Keystore Alias and JVM Truststore Alias fields on the Security > Certificates. These field values are stored in the watt.server.ssl.keyStoreAlias and watt.server.ssl.trustStoreAlias server configuration parameters, respectively. The JVM Keystore Alias and JVM Truststore Alias fields and the server configuration parameters have the same level of precedence.
3. The watt.config.systemProperties server configuration parameters.
4. custom_wrapper.conf (Integration Server)
JAVA_CUSTOM_OPTS in Integration Server_directory /bin/setenv.bat (Microservices Runtime)
Important:
Any change that impacts the value of the javax.net.ssl properties requires a restart of Integration Server for the changes to take effect. For example, if you do any of the following, you must restart Integration Server:
*Change the keystore whose alias is set in the JVM Keystore Alias field on the Security > Certificates page and the watt.server.ssl.keyStoreAlias parameter.
*Change the truststore whose alias is set in the JVM Truststore Alias field on the Security > Certificates page and the watt.server.ssl.trustStoreAlias parameter.
*Change the alias used by the JVM Keystore Alias or JVM Truststore Alias fields on the Security > Certificates page.
*Change the alias used by watt.server.ssl.keyStoreAlias or watt.server.ssl.trustStoreAlias.
*Edit custom_wrapper.conf or JAVA_CUSTOM_OPTS to change the value of the javax.net.ssl parameters.