Skip to main content

Table of Contents

Creating the keystore.jks and truststore.jks files


Only available versions of this content are shown in the dropdown

Enabling encryption between nodes secures the data that is transferred across nodes so that it cannot be accessed by unauthorized hosts. Create a keystore.jks for the private key and the associated certificate or certificate chain.

If you already have a self-signed certificate (SSL), go to step 2.
  1. Create a self-signed certificate by entering the following command:

    keytool -genkey -alias <alias> -keyalg RSA -keysize <enter size> -keypass <password>
                -keystore cluster-keystore.jks -storepass <password>
  2. Export the self-signed certificate so that it can be added to the truststore as the trusted certificate by entering the following command:

    keytool -export -alias <alias> -file <certificate> -keystore cluster-keystore.jks
                -storepass <password>
  3. Create the cluster-truststore.jks file by entering the following command:

    keytool -import -alias <alias> -file client.cer -keystore cluster-truststore.jks
                -storepass <password>
    Did you find this content helpful?

    Have a question? Get answers now.

    Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

    Ready to crush complexity?

    Experience the benefits of Pega Community when you log in.

    We'd prefer it if you saw us at our best.

    Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

    Close Deprecation Notice
    Contact us