Creating a Truststore

Truststores are repositories containing trusted certificates with verified public keys. The certificates in the truststore are usually obtained from a third-party certificate authority (CA).

Before you begin

One of the following roles is required to configure truststores:

  • Organization Administrator
  • Owner
  • Custom role with the Settings: Manage permissions

About this task

API Manager supports and uses TLS certificates, but does not produce strong encryption keys or manage your encryption keys. Encryption keys are generated and managed according to your own procedures. For more information, see Generating a PKCS#12 file for Certificate Authority and Generating a self-signed certificate using OpenSSL.

API Connect includes pre-configured Truststores which may be used for testing purposes. For production environments, we suggest creating a new, secure Truststore.


  1. In the API Manager, click Resources Resources.
  2. Select TLS.
  3. Click Create in the Truststore table.
    Title (required) Enter a Title for the Truststore. The title is displayed on the screen.
    Name (required) The Name is auto-generated. The value in the Name field is a single string that can be used in developer toolkit CLI commands.

    To view the CLI commands to manage truststores, see apic truststores.

    Summary (optional) Enter a brief description.
    Public Keys Upload the file containing the public key certificate. If necessary you can click Browse to locate the file.
  4. Click Save.