Securing IBM Watson IoT Platform - Message Gateway JMS client by using Java runtime environment global properties

The IBM Watson IoT Platform - Message Gateway JMS client uses the standard Java Secure Socket Extension (JSSE) that all supported JREs provide for making Transport Layer Security (TLS) connections. For information about JSSE, see the JSSE documentation. For information about configuring secure connections for Java EE clients that use the IBM Watson IoT Platform - Message Gateway resource adapter, see Transport Layer Security for the IBM Watson IoT Platform - Message Gateway resource adapter.

For an IBM Watson IoT Platform - Message Gateway JMS client connection factory that requires secure connections to IBM Watson IoT Platform - Message Gateway, you typically must set the following javax.net.ssl system properties:

-Djavax.net.ssl.keyStore=<keyfile_name>
-Djavax.net.ssl.keyStorePassword=<keyfile_password>
-Djavax.net.ssl.trustStore=<trustfile_name>
-Djavax.net.ssl.trustStorePassword=<trustfile_password>

You must keep in mind that these command line options can be visible to others. For this reason, you might not want to set your password parameters in this way. You can set some or all of these values programmatically by using the following sample code programmatic settings:

System.setProperty("javax.net.ssl.keyStore", "/path/to/keystore");
System.setProperty("javax.net.ssl.keyStorePassword", "keyStorePassword)";
System.setProperty("javax.net.ssl.trustStore", "/path/to/truststore");
System.setProperty("javax.net.ssl.trustStorePassword", "trustStorePassword");

If you set password parameters programmatically, the applications prompt users for passwords so that the passwords do not need to be passed on the command line.