Importing a TLS Certificate File
Use this procedure to configure Transport Layer Security (TLS) to import a TLS certificate file to enable your database client to connect to a TLS-enabled database.
- Obtain the database certificate file from your JD Edwards EnterpriseOne
administrator. For example, the certificate might be
called:
cacert.crt
- Copy the certificate file to a directory on your Development Client, for
example:
C:\certs
- If you are using EnterpriseOne H4A, determine which JDK the H4A is using, where the
possibilities are Oracle WebLogic or IBM WebSphere.
- If using WebLogic, edit the below file and note the value of the JAVA_HOME
entry:
\oui\.globalEnv.properties
- If using WebSphere, note the location of the below
directory:
<WebSphere_install_dir>\AppServer\java
- If using WebLogic, edit the below file and note the value of the JAVA_HOME
entry:
- Import the certificate file to the Java trust store using these steps:
-
Open a command prompt window with Run as Administrator.
- Change directory to the bin directory of the JDK that you determined in the
previous step. For example:
cd C:\Program Files\Java\jdk1.8.0_341\bin
- Run this command:
keytool -import -alias <alias> -keystore <keystore_path> -file <certificate_file>
where
<alias>
is a name for the certificate<keystore_path>
is the path to the JRE keystore; enclose in double quotes if the path contains a space<certificate_file>
is a file containing the certificate to import; enclose in double quotes if the path contains a spaceFor example:
keytool -import -alias db2key -keystore "C:\Program Files\Java\jdk1.8.0_341\jre\lib\security\cacerts" -file c:\certs\db2.crt
- When prompted for the keystore password, enter the password for the keystore.
- When prompted to trust the certificate, enter: y
-