Determining the CPE route and adding the SSL certificate to the IER truststore

The Enterprise Records (IER) tools are common for on-premises as well as cloud deployment processes. You can access the tools after installing Enterprise Records. For accessing the Content Platform Engine (CPE) services on your Enterprise Records container, you need to create a new CPE route.

About this task

Running the Enterprise Records tools like the sweeps, configuration manager, FilePlan tool, a connection with the Content Platform Engine is required.

Procedure

  1. Get the IBM FileNet P8 Content Engine Web Service page URL from the ConfigMap named icp4adeploy-cp4ba-access-info.
  2. Download or copy the default Secure Sockets Layer (SSL) certificate from the CPE route URL (.csr or .cer certificate).
  3. Add the SSL certificate to the Java truststore named cacerts.
    1. Add the SSL certificate to the <IER_install_path>/jre/bin folder.
    2. Go to the <IER_install_path>/jre/lib/security folder and copy the cacerts file.
    3. Add the cacerts file to the <IER_install_path>/jre/bin folder.
    4. Add the SSL certificate to the cacerts file by running the following command:
      keytool -import -alias ca -file cpe-cert.csr -keystore cacerts -storepass changeit
  4. Add the cacerts file to the <IER_install_path>/jre/lib/security folder.
  5. Configure the CPE with an HTTPS URL. For example, https://cpe-icp4adeploy.9.30.42.31.nip.io/wsi/FNCEWS40MTOM.

What to do next

  1. Add the following annotations to the CPE route and click Save:
    • haproxy.router.openshift.io/balance roundrobin
    • haproxy.router.openshift.io/timeout 3000s
    • router.openshift.io/sticky_cookie -sticky_cookie_annotation
  2. Configure Enterprise Records by using Configuration Manager.