Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Gordian Bartel (Gordian)
Greenfield
Head of Center of Excellence
Greenfield
DE
Gordian Member since 2017 2 posts
Greenfield
Posted: Jul 1, 2016
Last activity: Jul 14, 2016
Posted: 1 Jul 2016 7:45 EDT
Last activity: 14 Jul 2016 18:09 EDT
Closed

Use Websphere truststore for Connect-SOAP

Hi all,

the regular approach for using an SSL secured connection for a Connect-SOAP call would be adding the CA certificate as a truststore instanz, referencing this truststore in a WS-Security profile and using this WS-Security profile in the Connect-SOAP rule.

The current business requirement is to not put the truststore inside PRPC again, but to use the ones installed on the WebSphere Application Server. Do you know if and how it is possible to configure the connector rule resp. the WS-Security profile to point to certificates installed outside PRPC?

Thanks and best regards,

Gordian

To see attachments, please log in.
Data Integration
Security

Posted: 8 years ago
Posted: 1 Jul 2016 9:45 EDT
Jeff Houle (HOULJ) Senior Software Engineer
Pegasystems Inc.
US

Hi Gordian,

Pega is designed to use the Application Server-level trust store by default. The trust store in the WS Security Profile is an option for those who cannot install the CA certificates at the application server or do not wish to do so (or when needed for actual WS Security purposes rather than just SSL).

I encourage you to install the CA certificates in the Application Server's trust store and attempt use of your SOAP Connector.

To help us further understand your situation, please provide these details:

  1. Pega Version
  2. WebSphere Version
  3. Java version

thanks,

- Jeff

To see attachments, please log in.
Posted: 8 years ago
Updated: 8 years ago
Posted: 5 Jul 2016 2:31 EDT
Updated: 5 Jul 2016 2:46 EDT
Gordian Bartel (Gordian)
Greenfield
Head of Center of Excellence
Greenfield
DE

Hi Jeff,

thanks for your answer - our setup is:

  1. Pega 7.1.8
  2. IBM WebSphere Application Server/8.5 (WAS Proprietary information hidden)
  3. Java VM vendor / version: IBM Corporation / 2.7

The certificates were deployed in the application server's trust store on JVM level. Apparently this should work, but how do I configure the connector?

Connect SOAP Advanced.PNG

How do I point a WS security profile to the application server's trust store?

Thanks,

Gordian

To see attachments, please log in.
Posted: 8 years ago
Posted: 14 Jul 2016 18:09 EDT
Jeff Houle (HOULJ) Senior Software Engineer
Pegasystems Inc.
US

If your trust store is configured at the application server level, Pega should be able to find it without any intervention on your part, as it will ask the JRE for the available truststores.

How was this trust store set up for your WAS installation?

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice