Import the Certificate into the Truststore Used for SAML Authentication
Import the Certificate into the Truststore Used for SAML Authentication
Import the assertion signing certificate used by the identity provider into the truststore file used for SAML authentication on every gateway node within the Informatica domain.
You can import the certificate into the default Informatica truststore file, or into a custom truststore file.
The file name of the default Informatica truststore file is
infa_truststore.jks
. The file is installed in the following location on each node:
If you import the certificate into a custom truststore file, you must save the truststore file in a different directory than the directory containing the default Informatica truststore file. The truststore file name must be
infa_truststore.jks
.
You can use the Java keytool key and certificate management utility to create an SSL certificate or a certificate signing request (CSR) as well as keystores and truststores in JKS format. The keytool is available in the following directory on domain nodes:
<Informatica installation directory>\java\bin
If the domain nodes run on AIX, you can use the keytool provided with the IBM JDK to create an SSL certificate or a Certificate Signing Request (CSR) as well as keystores and truststores.
Copy the certificate files to a local folder on a gateway node within the Informatica domain.
From the command line, go to the location of the keytool utility on the node.
Run the keytool utility to import the certificate.