Certificate Management
The Keys section displays the list of keys (Public and Private) of the server's trust store and allows to add or remove keys to the Server trust store.
Click the Keys icon on the left side of the Administration screen to manage certificates.
Public Key Store Configuration
Adding Partner's Public Key
from Keystore
- Click the Down arrow in the Add icon and click Add Partner Public Key to add the Public Key Store Configuration section.
- In the Public Key Store Configuration section, provide the following:
- Add key From: Select "KeyStore".
- Load File: Click the Select file button and add the Public Keystore file stored in the system.
- Alias Name: Select the name that populates in the drop-down after adding the Keystore file.
- New Alias Name: Provide a new alias name.
Click the Save icon. After successful saving, details appear in the Public-Private keys section.
To remove a key from the list, click the Delete icon.
Adding Partner's Public Key
From Certificates
Perform the same actions as in the above section, but select "Certificate" from the Add Key From drop-down.
Private Key Store Configuration
Adding Host-Key Pair
- Click the Down arrow in the Add icon and click Add Partner Public Key to add the Public Key Store Configuration section.
- In the Public Key Store Configuration section, provide the following:
- Load Keystore File: Click the Select file button and add the Private Keystore file stored in the system.
- Alias Name: Select the name that populates in the drop-down after adding the Keystore file.
- New Alias Name: Provide a new alias name.
- Key Client Password: Password to authenticate the key.
Click the Save icon. After successful saving, details appear in the Public-Private keys section.
Setting TrustStore reload-time in Jetty Server Profile configuration
For new certificates to be reloaded into the server, Trust store reload time needs to be set.
Jetty server running in the gateway server will be reloaded with new certificates within this interval.
To set the Trust Store reload time, perform the following actions:
- Open eStudio and open the Profile Management perspective.
- Open APIGateway Server profile.
- Go to APIGateway > Fiorano > APIGateway > Jetty > PeerAPIManagementJetty.
Set the TrustStoreReload time to the required time interval.
By default, the Truststore Reload time is set to 0 due to which the Trust store does not load.