Configuring Truststores

Edit online

About this task

This section provides information about adding Truststores for API Gateway from Command Central.

To configure the Truststores

Procedure

  1. In Command Central, navigate to Environments > Instances > All > API Gateway > Configuration.
  2. Select Truststores from the drop-down menu.
    The Truststores list appears.
  3. Click to add a new Truststore.
  4. Provide an Alias for the Truststore.
  5. Provide Type, Provider, and Location of the Truststore in the Truststore Configuration section.
  6. Click Save .
    The Truststore is added to list.

Configuring Truststores using Template

Edit online

About this task

You can configure Truststores using the following Command Central template: 

sagcc exec templates composite import -i truststore.yaml

sagcc exec templates composite apply trustStoreAlias nodes=local truststore.location=trustStoreLocation 
truststore.password=trustStorePassword

Sample Truststores configuration template 

alias: trustStoreAlias
description: API Gateway trust store creation

layers:
  runtime:   
    templates: trustStore-Template

templates:
  trustStore-Template:
    products:
      integrationServer:
        default:
          configuration:
            OSGI-IS_apigateway-WmAPIGateway:
              COMMON-TRUSTSTORES:
                COMMON-TRUSTSTORES_testTrustStore:
                  Truststore:
                    '@alias': testTrustStore
                    Description: Test truststore for command central
                    Type: JKS
                    Provider: SUN
                    Location: ${truststore.location}
                    Password: ${truststore.password}
                  ExtendedProperties:
                    Property:
                      - '@name': certficateAliases
                        $: addtrustclass1ca,addtrustexternalca,addtrustqualifiedca,baltimorecodesigningca,baltimorecybertrustca,
comodoaaaca,entrust2048ca,entrustclientca,entrustglobalclientca,entrustgsslca,entrustsslca,equifaxsecureca,equifaxsecureebusinessca1,
equifaxsecureebusinessca2,equifaxsecureglobalebusinessca1,geotrustglobalca,godaddyclass2ca,gtecybertrust5ca,gtecybertrustca,
gtecybertrustglobalca,lhca,partner1,partner2,policygateway,soneraclass1ca,soneraclass2ca,starfieldclass2ca,synapse,
thawtepersonalbasicca,thawtepersonalfreemailca,thawtepersonalpremiumca,thawtepremiumserverca,thawteserverca,
utndatacorpsgcca,utnuserfirstclientauthemailca,utnuserfirsthardwareca,utnuserfirstobjectca,valicertclass2ca,
verisignclass1ca,verisignclass1g2ca,verisignclass1g3ca,verisignclass2ca,verisignclass2g2ca,verisignclass2g3ca,
verisignclass3ca,verisignclass3g2ca,verisignclass3g3ca,verisignserverca,webm test ca
                      - '@name': isLoaded
                        $: 'true'
                      - '@name': fileContent
                        $: /u3+7QAAAAIAAAAxAAAAAgAMd2VibSB0ZXN0IGNhAAABSLIi/poABVguNTA5AAADazCCA2cwggJPo
																								AMCAQICBFQih6gwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhM
																								JoAMCAQICBDdwz7UwDQYJKoZIhvcNAQEFBQAwTjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkVxdWlmYXggU2VjdXJlMSYwJAYD
                      - '@name': fileName
                        $: cacerts

provision:
  default:
    runtime: ${nodes}