Truststore type

Use the Truststore type to create configurations that reference a truststore, which the integration server or integration runtime can use to verify a signature or run X.509 authentication.


Summary of key details for the configuration type

File name or type Contains secrets Path extracted/imported to Maximum allowed per integration server or integration runtime
JKS, PKCS12 Yes /home/aceuser/truststores/configurationName Multiple

About the Truststore file

The Truststore type requires a truststore for use by the integration server or integration runtime, and must be a password-protected truststore in a JKS or PKCS12 format. The truststore is placed unchanged in the directory /home/aceuser/truststores with the same name as its configuration object name. For example, if you named the configuration my-truststore.jks, the truststore is copied to /home/aceuser/truststores/my-truststore.jks. This path can then be referenced from the server.conf.yaml file wherever a truststore can be referenced, or from other configuration files like odbc.ini.

Note: The password is not set on this configuration object, so instead use mqsisetdbparms to define security identities that contain the password, and then use those identities to supply the password to configuration files like server.conf.yaml.

Creating a configuration for the Truststore type by using the configuration panel

You can create a Truststore-type configuration while creating an integration server or integration runtime, or independently, as follows:

  1. Open the Configuration page by clicking the Configuration icon Configuration icon in the navigation pane, or go to the Configuration view of an integration server or integration runtime that you are creating. Then, click Create configuration. For more information, see Managing configuration objects from the Configuration page.
  2. From the Create configuration panel, select Truststore from the Type list.
  3. In the Name field, specify a name for this configuration.
    Note: This name is used as the file name of the configuration that needs to be applied to the BAR file. Therefore, so you must provide a name that is suffixed with a supported file extension; for example, name.jks. If a file extension is not included as part of the configuration name, the integration server or integration runtime won't recognize this configuration and error messages are generated during the deployment.
  4. In the Description field, specify text that will help you identify the integration server or integration runtime that will use this truststore, or identify the type of truststore.
    Create configuration panel
  5. To import the truststore file, click within the boxed area to select the file from a file browser, or drag-and-drop the file. The name of the imported file is displayed.
    Imported keystore file
  6. Click Create. The configuration is added to the configurations table and can be selected for use with an integration server or integration runtime.

Updating or deleting a configuration

If you need to update the content or settings in a configuration, or delete a configuration that's no longer needed, see Managing configuration objects from the Configuration page.