Truststore type

Use the Truststore type to create configurations that reference a truststore, which the integration server or integration runtime can use to verify a signature or perform X.509 authentication.

Summary of key details for the configuration type

File name or type Contains secrets Path extracted/imported to Maximum allowed per integration server or integration runtime
JKS, PKCS12 Yes /home/aceuser/truststores/configurationName Multiple

About the Truststore file

The Truststore type requires a truststore for use by the integration server or integration runtime, and must be a password-protected truststore in a JKS or PKCS12 format. The truststore will be placed unchanged in the directory /home/aceuser/truststores with the same name as its configuration object name. For example, if you named the configuration my-truststore.jks, the truststore will be copied to /home/aceuser/truststores/my-truststore.jks. This path could then be referenced from the server.conf.yaml file wherever a truststore can be referenced, or from other configuration files like odbc.ini.

Note: The password is not set on this configuration object, so instead use mqsisetdbparms to define security identities that contain the password, and then use those identities to supply the password to configuration files like server.conf.yaml.

Creating a configuration for the Truststore type by using the configuration panel

You can create a Truststore-type configuration while creating an integration server or integration runtime, or independently, as follows:

  1. From the Configuration page (accessed by clicking the Configuration icon Configuration icon), or the Configuration view of an integration server or integration runtime that you are creating, click Create configuration. For more information about this page or view, see Managing configuration objects from the Configuration page.
  2. From the Create configuration panel, select Truststore from the Type list.
  3. In the Name field, specify a name for this configuration.
    Note: This name will be used as the file name of the configuration that needs to be applied to the BAR file, so you must provide a name that is suffixed with a supported file extension; for example, name.jks. If a file extension is not included as part of the configuration name, the integration server or integration runtime will not recognize this configuration and error messages will be generated during the deployment.
  4. In the Description field, specify text that will help you identify the integration server or integration runtime that will use this truststore, or identify the type of truststore.
    Create configuration panel
  5. To import the truststore file, click within the boxed area to select the file from a file browser, or drag-and-drop the file. The name of the imported file is displayed.
    Imported keystore file
  6. Click Create. The configuration is added to the configurations table and can be selected for use with an integration server or integration runtime.

Updating or deleting a configuration

If you need to update the content or settings in a configuration, or delete a configuration that's no longer required, see Managing configuration objects from the Configuration page.