Importing an X.509 certificate

You can import X.509 certificates that are defined in keystore instances of type JKS or PKCS12. They become active without your having to restart the server.

A typical application server is deployed with a truststore file, which contains the trusted certificates. To add a certificate, you use the keytool utility to update the cacerts.jks file or the equivalent server-level truststore file, and then you restart the server.

Pega Platform includes a platform truststore to which you can import X.509 certificates. When a certificate needs to be used for transport layer security, Pega Platform looks for the certificate in the platform truststore, and then in the application server-level (JVM) truststore. You can add certificates to the platform truststore without having to restart the server, which is useful when TLS certificates are changed for reasons such as key expiration.

The platform truststore is used for rules that reference a truststore, which include certificates used for transport layer security in connectors and integration services, keystores, authentication services, OAuth 2.0 providers, and web service policies.

To view and update the platform truststore, run the activities described below using Dev Studio.

To view the contents of the platform truststore, run the pyInstanceList report of the Data-Admin-Security-Certificate class.
To add, update, and delete certificates in the platform truststore, run the appropriate activities in the Data-Admin-Security-Certificate class. For more information, see Managing X.509 certificates

Managing X.509 certificates
Beginning with Pega Platform 8.4, you can import your X.509 certificates directly into the Pega Platform truststore.
Keystores
A keystore is a file that contains keys and certificates that you use for encryption, authentication, and serving content over HTTPS. In Pega Platform, you create a keystore data instance that points to a keystore file.
Service File form - Completing the Service tab
Use the Service tab to set up a requestor and to describe the primary page for processing.
Service File form - Completing the Service tab
Use the Service tab to set up a requestor and to describe the primary page for processing.
Service File form - Completing the Service tab
Use the Service tab to set up a requestor and to describe the primary page for processing.

Pega Platform 8.4

Updated on June 5, 2020

Suggest Edit

Pega Success Stories

Pega Platform 8.5

Welcome to the new Pega Academy!

Collaboration Center 101

Collaboration Center

Collaborate and build together.

COVID-19 Employee Safety and Business Continuity Tracker

Pega Client Advocacy Program

Share your Pega success stories to earn rewards.

Table of Contents

Importing an X.509 certificate

Have a question? Get answers now.

About Pegasystems

Join our growing open ecosystem and change the way the world builds software.

Pega Success Stories

Pega Platform 8.5

Welcome to the new Pega Academy!

Collaboration Center 101

Collaboration Center

Collaborate and build together.

COVID-19 Employee Safety and Business Continuity Tracker

Pega Client Advocacy Program

Share your Pega success stories to earn rewards.

Table of Contents

Importing an X.509 certificate

Have a question? Get answers now.

About Pegasystems

Join our growing open ecosystem and change the way the world builds software.

We'd prefer it if you saw us at our best.