...
When the sll certificate issuer used by a https web host mentioned in the FEWS configuration isn't bundled with the (Amazon) java run time you need to create a truststore file. You can create Unfortunately this will not work when the certificate is used by the database connection itself.
Create this truststore file with
- (2018.02 build 87948 and later) a FEWS standalone - F12- convert → convert certificate file to truststore
...
- file.
- (older builds) the keytool.exe located
...
- in the jre/bin dir. Use a cmd prompt with something like: <location of fews bin>\jre\bin\keytool.exe -import -v -alias root -file <certificate file> -keystore <name>.truststore -storepass <pass>
Check the contents of a truststore with the keytool (cmd: keytool -list -v -keystore <name>.truststore). Look for
- "Owner: CN=" with the hostname, and
- SubjectAlternativeName, with alternative DNSNames
Add the truststore file to the otherRootConfigFiles so it is automatically downloaded on a OC/FSS/PI. You have to add this file to the otherRootConfigFiles so it is automatically downloaded on a OC/FSS/PI. Unfortunately this will not work when the certificate is used by the database connection itself.
synchProfile
A synchProfile can be defined if you would like to create an OC with LocalDataStore. By default the connection will be Direct Data Access (DDA).
...