Keystore type
Use the Keystore type to create configurations that
reference a keystore, which the integration server or integration runtime can use for
encrypting or decrypting.
Summary of key details for the configuration type
| File name or type | Contains secrets | Path extracted/imported to | Maximum allowed per integration server or integration runtime |
|---|---|---|---|
| JKS, RDB, STH, KDB, PKCS12 | Yes | /home/aceuser/keystores/configurationName | Multiple |
Creating the file for a configuration object of type Keystore
The Keystore type requires a keystore or key repository for use by the integration server or integration runtime, and must be a password-protected truststore in a
JKS, PKCS12, or RDB format. The keystore is placed as it
is in the directory /home/aceuser/keystores with the same name as its
configuration object's name. For example, if you called the configuration
my-keystore.jks, the keystore is copied to
/home/aceuser/keystores/my-keystore.jks. This path can then be referenced from
the server.conf.yaml file wherever a keystore can be referenced, or from other
configuration files like odbc.ini.
For IBM® MQ key repositories, several files are needed for a key repository: an RDB, a KDB, and an STH file. Create these files as separate keystore configurations and apply each of them to the integration server or integration runtime. For example, create my-mqcerts.kdb, my-mqcerts.rdb, and my-mqcerts.slt, and then reference these files from the server.conf.yaml file by using /home/aceuser/keystores/my-mqcerts.
After you create the file, you can use it to create a configuration object as described in Configuration reference: Creating an instance from the Red Hat OpenShift web console and Creating an instance from the Red Hat OpenShift or Kubernetes CLI.