SSL RMI

To enable SSL RMI, set the below configuration in values.yaml:
values.setupCfg.useSslForRmi=true
  1. By default, SSL RMI is enabled, and out of the box certificates are used for internal RMI communication.
  2. By default, when SSL RMI is enabled without rmiTlsSecretName, a default tls secret will be created with the name <Helm-release>-b2bi-rmi.
  3. You can configure custom certificates for SSL RMI using values.setupCfg.rmiTlsSecretName.
  4. While configuring the customer certificate for SSL RMI, rmiTlsSecretName should contain an RMI certificate and key pair.
  5. Perform Helm install or upgrade.
    Note: Do not use the Sterling B2B Integrator dashboard UI to edit or update the default RMSSL certificate (rmissl). Instead, use the secret rmiTlsSecretName.

Using Customer Overrides for Configuring Custom Certificates for SSL RMI

  1. Modify the customer_overrides.properties file. For example, consider the following certificate names for the certificates that are checked in:
    • System Certificate: Sample_System_Cert
    • CA Certificate: Sample_CA_Cert
    Now, add the following lines to the customer_overrides.properties file:
    • SSLRmiserver.systemCertificate=Sample_System_Cert
    • SSLRmiserver.caCertificate=Sample_CA_Cert
  2. Restart the containers.