In case of SSL certificate errors, you may have to load certificate files in Java keystore.
Download the Certificate
Launch the Service or Application URL in browser and downloaded certificate .cer file, receive it from your infrastructure team, or generate a new certificate on the target system.
Install the Certificate
either into cacerts
You can load it directly into your java cacerts, but this will be removed when Java is upgraded. The next session shows that approach, which is the easiest to use, but may not be the best option for your situation.
First figure out JDK used by FlexDeploy and/or Endpoint as applicable.
For example, cd /u01/jdk1.8.0_60
cd jre/lib/security/
Copy .cer file in this folder.
cp cacerts cacerts.bak
../../bin/keytool -importcert -keystore cacerts -alias <alias name> -file <certificate file name>
Type password (likely “changeit”)
Or into another keystore (recommended)
Alternatively, make a new keystore to hold it, or add it to an existing alternate keystore.
cd to FLEXDEPLOY_HOME
Import the keystore into a new or existing keystore
<JAVA_HOME>/bin/keytool -importcert -keystore flexdeploy.keystore -alias <alias name> -file <certificate file name>
Reference the keystore from the setenvoverride.sh file in the apache-tomcat-flexdeploy/bin folder.
FLEXAGON_FD_JAVA_ARGS=" -Djavax.net.ssl.keyStore=/<path-to-the-keystore-file here> -Djavax.net.ssl.keyStorePassword=<pw here> ”
If you had other Java args, make sure that they are separated with spaces.