Managing Trusted Certificates
This applies to CM1 5.3.15 >= 5315_2020420
When integrating with external services it is very common that they he integration is performed using SSL/TLS protocols. For Certificates issued by public certification authorities this generally works fine and the secure connection will just work.
When using certificates that are issued by a private Certificate Authority, or sometimes a new public Certificate Authority, you need to add the certificate as a trusted cert to the configured Percussion JRE cacerts file.
These certificates can be automatically added by the the server at startup by placing any certificates that need to be imported into the following location:
<InstallDir>/rxconfig/secure_certificates
On server startup the system will scan any certificates in this directory and automatically import them into the JRE cacerts file.
Certificates should be PEM / CRT format and should include the entire certificate chain including intermediate and root certificates. The host certificate should always be the first certificate in the file.
After import, Secure LDAP, HTTPS, or TLS protocol integrations relying on the supplied certificate(s) should handshake properly on establishing connections.