Configuring HTTPS on a REST client connection

Follow these steps to configure HTTPS on a REST client connection to a HTTP endpoint.

About this task

Update server.xml to configure SSL on a REST client connection definition.

Procedure

  1. Edit the IBM® z/OS® Connect server configuration file to define an SSL element or SSLDefault element.
  2. Add an sslCertsRef attribute to the zosconnect_zosConnectServiceRestClientConnection element to reference the SSL element.
    For example:
    
        <featureManager>
            <feature>zosconnect:zosconnect-2.0</feature>
        </featureManager>
    
        <!-- Define the SSL configuration. -->
        <ssl id="defaultSSLConfig" keyStoreRef="defaultKeyStore" trustStoreRef="defaultTrustStore" clientAuthentication="false" />
    
        <!-- Define a keystore. Contains the IBM z/OS Connect server's personal certificate to be sent on SSL handshake. -->  
        <keyStore id="defaultKeyStore" password="zosconnect" location="${server.config.dir}/resources/security/serverKey.jks" />
    
        <!-- Define a truststore. Contains the public certificate expected to be sent on the SSL handshake. -->   
        <keyStore id="defaultTrustStore" password="zosconnect" location="${server.config.dir}/resources/security/serverTrust.jks"/>
    
        <!-- Define the connection to the REST API -->  
        <zosconnect_zosConnectServiceRestClientConnection id="restConn" sslCertsRef="defaultSSLConfig"
                host="example.com" port="8080" />