Question

3
Replies
1083
Views
Close popover
Eugene Roytfeld (EugeneR7)
Deutsche Bank
Vice President
Deutsche Bank
US
EugeneR7 Member since 2013 30 posts
Deutsche Bank
Posted: March 13, 2018
Last activity: March 15, 2018
Closed

Specifying multiple certificates / keys in a keystore via alias - is this supported?

When building secure REST services, we are required to specify a keystore instance which has the certificate / key for the secured connection. This is generally fine, however when there are multiple services which have their own security constraints, we have to maintain multiple keystores within Pega.

Additionally, at the JVM level, we can specify only 1 keystore using something like -Djavax.net.ssl.keyStore = ./mykeystore.jks

My understanding is that a keystore is just a container for certs / keys, where each pair can be identified by an alias. So if this was built in direct code, a client can specify "for my HTTPS connection, use SSL cert/key where alias = 'mycertalias' "

Is this something which is currently supported in Pega (7.3.1) or planned to be supported? It would be a bit of management overhead if multiple keystores have to be managed, and neither of them can be used in the javax.net.ssl.keyStore jvm parameter.

Data Integration Security
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.