Certificate and Trust Store Requirements
During Management Cloud Engine (MCE) activation, the MCE handles certificate import and trust store creation.
The MCE uses the following key paths and files.
/opt/mce/conf/ssl(inside MCE container):- osdmc.jks — Creates the trust store and, during activation, imports .pem files present in the
/opt/mce/conf/ssldirectory into the trust store.This trust store contains certificates required for the MCE to trust Oracle cloud services (for example, Identity Cloud Service (IDCS) or Oracle® Session Delivery Management Cloud (Oracle SDM Cloud) endpoints).
- If the MCE cannot obtain a token from IDCS or to register with Oracle SDM Cloud, the user must add their Root CA or intermediate CA certificates to the
/opt/mce/conf/ssldirectory inside the MCE container.
- osdmc.jks — Creates the trust store and, during activation, imports .pem files present in the
/opt/mce/transport/tls(inside MCE container):- This file is used for establishing secure (TLS) connections to managed devices. The AcpKeyAndCertstore is generated when you import device certificates using the Oracle SDM Cloud's Tools drop-down menu.