To be able to securely connect your Rule Designer to the Decision Server and Decision Center components that are running
in an OpenShift cluster, you need to establish a TLS connection through a security
certificate.
About this task
You must import the security certificate exposed by the Decision Server and Decision Center services into the Rule Designer JVM truststore. It
is assumed that these services use the same certificate. If not, the following procedure must be
applied to both services.
Procedure
-
Get the https://<ZEN-ROUTE>/odm/decisioncenter/assets/truststore.jks
file.
<ZEN-ROUTE> can be retrieved with the following command line:
oc get route cpd -n <PROJECT_NAME> --no-headers | awk '{print $2}'
- Copy the truststore.jks file to your Rule Designer installation
directory next to the eclipse.ini file.
-
Get the
https://<ZEN-ROUTE>/odm/decisioncenter/assets/OdmOidcProvidersRD.json
file.
- Add the SSL properties at the end of your eclipse.ini file.
To use the default security certificate, enter the following
lines:
-Djavax.net.ssl.trustStore=<PATHDIR>/truststore.jks
-Djavax.net.ssl.trustStorePassword=changeit
-Dcom.ibm.rules.authentication.oidcconfig=<PATHDIR>/OdmOidcProvidersRD.json
Where
changeit is the fixed password to be used for the default
truststore.jks file.
- Restart Rule Designer.
What to do next
Test the connection between Rule Designer and Decision Center to make sure you are able
to publish a decision service.