IBM Support

Trust store problem when connecting from Process Designer to Process Center in IBM Business Process Manager (BPM)

Troubleshooting


Problem

Trust store is not included for a network deployment (ND) environment or with a correct password for security with Process Designer.

Symptom

When connecting Process Designer to Process Center, a dialog box opens with a prompt to accept the SSL certificate of the Process Center.

Cause

In a Network Deployment environment, the trust store that was included with the Process Designer compressed download did not contain the SSL certificate for the server. This issue results in the SSL certificate prompt displaying on the first connection by Process Designer to the Process Center.  Also, if a non-default password (WebAS) was not specified on the trust store, it would result in a prompt when connecting from Process Designer to Process Center as the password specified in the ssl.client.props uses the default password (WebAS).

Resolving The Problem

If you are using a Network Deployment environment, you can resolve the problem using one of the following options:

Option 1:
Update the ${was.install.root}/BPM/Lombardi/tools/designer/windows-authoring-environment.zip file with the trust.p12 file from the ${user.install.root}/config/cells/cell_name directory.  If the trust store was not created by default, or if you specified a different password for the keystore at the time the deployment manager profile was created, change the password to WebAS using the ${was.install.root}/bin/ikeyman.bat/.sh utility.  Any new installations of Process Designer use the corrected trust.p12 file. 

Option 2:
Manually replace the trust.p12 file at the ${process.designer.install}/etc directory with the correct trust file from the ${user.install.root}/config/cells/cell_name directory.  The password also needs to be set to WebAS using the ${was.install.root}/bin/ikeyman.bat/.sh utility. Or, the com.ibm.ssl.keyStorePassword property value in the ${process.designer.install}/resources/ssl.client.props files need to be updated with the correct password value for the trust store that you included. 

Note: If you are using a stand-alone profile, the trust.p12 file from the ${user.install.root}/config/cells/cell_name/nodes/node_name directory is already included in the Process Designer compressed file, by default.  The solution is to update the com.ibm.ssl.keyStorePassword property value in the ssl.client.props file in the ${was.install.root}/BPM/Lombardi/tools/designer/windows-authoring-environment.zip with the password that matches the trust store. Or, you can manually replace the trust.p12 file in the ${process.designer.install}/etc after Process Designer has been installed with a trust store that has a password of WebAS.

[{"Product":{"code":"SSFTN5","label":"IBM Business Process Manager Advanced"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Security","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"8.5;8.0.1;8.0;7.5.1;7.5","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}},{"Product":{"code":"SSFTBX","label":"IBM Business Process Manager Express"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Security","Platform":[{"code":"","label":""}],"Version":"8.5;8.0.1;8.0;7.5.1;7.5","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}},{"Product":{"code":"SSFTDH","label":"IBM Business Process Manager Standard"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Security","Platform":[{"code":"","label":""}],"Version":"8.5;8.0.1;8.0;7.5.1;7.5","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Product Synonym

BPM

Document Information

Modified date:
15 June 2018

UID

swg21590164