1. Security Administration Guide
  2. Configuring HTML Server with a Certificate

Configuring HTML Server with a Certificate

There are two separate configuration sections in Server Manager to allow for all certificates in each store to be trusted. Each section allows for one keystore; multiple certificates can be imported into that keystore.

The external section is for configuring certificates for a JWT token generated outside of the JD Edwards system.

The internal section is for configuring certificates for JWT tokens generated by AIS Servers, for communication between the AIS and HTML Servers (for example, notifications and scheduler). By default, the demo certificate is enabled. The demo certificate is always allowed. If you have enabled the demo certificate and included certificates in a keystore, all of them can be used. The demo certificate will be tried first if it is enabled.

Note: Any certificates that you include in the internal keystore much match the certificates configured for each AIS Server associating with the HTML Server (public/private key pair).

Before you start configuring the HTML Server with a certificate, you need to upload the .p12 file to the machine where the HTML Server is deployed.

Access the Server Manager Configuration form.

  1. Select the Security configuration for the HTML Server.

  2. For the External OAuth JWT Trust Configuration for Authentication, enter the keystore location details, and the password of the keystore.

  3. For the AIS Internal JWT Trust Configuration for Authentication, enter the keystore location details, password of the keystore, and select whether to use the demo certificate.

  4. Apply the change, synchronize, and bounce the HTML Server.

  5. Make sure the site key is enabled, so the password is encrypted and hidden after the sync/bounce.