The database SSL certificate
When you configure, or reconfigure, a DB2 or Oracle database server as the Identity data store, and you select the SSL option, a new window prompts you to accept the default digital certificate, if you do not have one in place.
The configuration process does not continue until you accept the certificate.
The window is not displayed if a certificate for the database is present in the Identity Governance and Intelligence key store.
If you run the advanced configuration process to configure the database, the existence of a certificate is verified when the response file is validated. The window that prompts you to accept the default certificate is displayed only if a certificate for the database is not found in the certificate store.
If you use the virtual appliance REST APIs to configure the database, the certificate must be in place in the certificate store. If it is not, the REST API returns an error.
If you add the database server certificate to the virtual appliance through the Database Certificate accept prompt, then the certificate is labeled dbcert in the Identity Governance and Intelligence signer certificate store.
The certificate is not automatically deleted when you unconfigure the database.