Creating truststore files for usage with SSL

Specialized toolkits - release 4.3.1.0-prod20190605 > com.ibm.streamsx.elasticsearch 2.1.1 > Creating truststore files for usage with SSL

This is only needed, if your Java runtime does not trust the server certificates per default. In that case you have to manually download the certificate (or the certificate of the CA) and create a Java truststore file for usage with the operators.

To get the certificates you have multiple options

You can use the openssl s_client command to print all server certificates to the console`
You can use the curl command to access the server and have debug informations print out
The easiest way is probably to enter the server URL in a firefox browser and than click on the little green lock icon in the URL bar. Afterwards you can examine the certificate chain and export any missing certificate to a file.

Once you have the certificate(s) available as files in PEM format, copy it to the etc folder of your application and use the Java keytool command to create a truststore file and import the certificates

keytool -import -trustcacerts -file newCertFile.crt -keystore trustStore.jks -storepass 123456

This creates a file named trustStore.jks in the etc directory with a password of 123456

Use these values for the operator parameters, in order to access the server.