Integrating with IBM Sterling Order Management System Software containers over phase 2
Configure the integration properties, custom overrides properties, and generate a JSON Web Token to integrate Sterling Intelligent Promising with Sterling Order Management System Software containers.
- Configure the integration between IBM® Sterling Order Management System Software containers and IBM Sterling Intelligent Promising. For more information, see Enabling Sterling Inventory Visibility integration for Sterling Order Management System Software.
- Configure the following set up properties in customer overrides properties file for enabling V2
mode.
iv_integration.IVApiVersion=v2 iv_integration.nodeAvailability.apiUrl=/v2/availability/node/ iv_integration.networkAvailability.cached.apiUrl=/v2/availability/network/ iv_integration.nodeAvailability.cached.apiUrl=/v2/availability/node/ iv_integration.reservations.apiUrl=/v2/reservations/
- Ensure that the following properties are added to the customer overrides properties
file.
iv_integration.tenantId: default iv_integration.clientId: DEFAULT iv_integration.baseUrl: https://<SIPHOSTNAME>/inventory iv_integration.authentication.mode: JWT
Note: When you create a secret in Sterling Order Management System Software, ensure that you add anivSecret
. For more information, see creating a secret. - Select any of the following ways to generate JWT.
- By using IBM Sterling Order Management
System Software containers private-public key pair
- Install the OMEnviroment by adding the following JWT property to
common
parameter. For more information, see common parameter.jwt: algorithm: RS512 audience: service issuer: oms
The private key is imported to the keystore and public key is copied to sharedCertificates in Persistent Volume. For example, <sharedDirectory/jwtauth/operator.pub>.
- Configure this public key in OMS Gateway as explained in Creating a JWT issuer secret by using a public key.
- Install the OMEnviroment by adding the following JWT property to
- By using your own private-public key pair
- Ensure that the following JWT properties are added to the customer overrides properties
file.
yfs.yfs.jwt.create.issuer: oms yfs.yfs.jwt.create.audience: service yfs.yfs.jwt.create.expiration: <TIME in seconds> yfs.yfs.jwt.create.pk.alias: operator yfs.yfs.jwt.create.algorithm: RS512 yfs.yfs.jwt.create.userClaim: admin
- Copy the customer generated keystore (jks) into the shared directory of Persistent Volume. For example, /<SHARED_DIR>/jwtauth/jwt.jks.
- Configure the following JVM arguments properties for integration servers. The IV_ADJUST_IS and
IV_ADJUST_ID integration servers require these JVM arguments.
jvmArgs: - groupName: IVJVMArgs propertyList: - -Dhttps.protocols=TLSv1.2 - -Dcom.ibm.jsse2.overrideDefaultTLS=true - -Dycp.jwt.auth.keyStore=/opt/ssfs/runtime/jwt - -Dycp.jwt.auth.keyStorePassword=${keyStorePassword} - -Dycp.jwt.auth.trustStore=/opt/ssfs/runtime/jwt
- Install the OMEnviroment by skipping the JWT section in spec so that Sterling Order Management System Software uses the user provided key-pairs.
- Configure this public key in OMS Gateway as explained in Creating a JWT issuer secret by using a public key.
Note:- The Sterling Order Management System Software expects the alias name to be 'operator'. Hence, when generating the key-pairs, ensure to use the alias name as 'operator'.
- Ensure to use the same
keyStorePassword
that is specified in the secret (the secret that is specified in the Sterling Order Management System Software containers configuration) when generating the key-pairs. - If you are using Sterling Intelligent
Promising Operator certificate, ensure to add the
root CA certificate
[tls.crt]
to the truststore of integration servers JVM. - If you are using your own certificate, ensure to add it to the truststore of integration servers JVM.
- Ensure that the following JWT properties are added to the customer overrides properties
file.
- By using IBM Sterling Order Management
System Software containers private-public key pair