To establish one-way or two-way secure communication with the REST API, you can configure TLS authentication.
The Secure Agent establishes a secure connection with the REST API over TLS. You can use one-way SSL or two-way SSL. Before configuring the certificates, ensure that the certificates are in the
.jks
format.
Use One-Way SSL
To use one-way SSL, perform the following steps:
Import the server certificate to the following file path:
Add JVM options in the Secure Agent properties for the truststore file name and truststore password:
Click
Administrator
>
Runtime Environments
and select an agent.
Select Type as DTM under
System Configuration Details
.
Add the following JVM options:
JVMOption1=-Djavax.net.ssl.trustStore=
<absolute path of the .jks truststore file>
JVMOption2=-Djavax.net.ssl.trustStorePassword=
<truststore password>
Alternatively, you can specify the name of the truststore file and truststore password in the
TrustStore File Name
and
TrustStore Password
connection properties.
Use Two-Way SSL
To use two-way SSL, you must first configure one-way SSL, and then perform the following steps:
Add JVM options in the Secure Agent properties for the keystore file and keystore password:
Click
Administrator
>
Runtime Environments
and select an agent.
Select Type as DTM under
System Configuration Details
.
Set the following JVM options:
JVMOption3=-Djavax.net.ssl.keyStore=
<absolute path of the .jks keystore file>
JVMOption4=-Djavax.net.ssl.keyStorePassword=
<keystore password>
Alternatively, you can specify the name of the keystore file and keystore password in the
KeyStore File Name
and
KeyStore Password
connection properties.
If you specify keystore and truststore properties in the connection and in the JVM options, the Secure Agent processes the certificates based on the properties configured in the connection.