Importing a security certificate in Rule Designer

To securely connect Rule Designer to the Decision Server and Decision Center components that are running in IBM Cloud Private, you need to establish a TLS connection by using a security certificate. You import the security certificate into the cacerts file of the JVM that is used to start Rule Designer.

About this task

ODM on IBM Cloud Private is delivered with a default certificate, odmonicpserver.cer, available at https://github.com/ODMDev/ruledesigner/raw/master/odmonicpserver.cer. To connect to an ODM component with this certificate, you must copy the file to the JVM that is used to start Rule Designer, or use the truststore.jks file, available at https://github.com/ODMDev/ruledesigner/raw/master/truststore.jks. This truststore file already contains the odmonicpserver.cer certificate.

If you decide to replace the default certificate with your own, see Defining the security certificate.

Procedure

  1. To import a certificate into the JVM, use the keytool utility.

    The following example uses the default odmonicpserver.cer certificate and the default cacerts truststore.

    cd <JAVA_HOME>/jre/lib/security
    keytool -importcert -file odmonicpserver.cer -keystore cacerts -storepass changeit -alias odmicpserver

    Where changeit is the fixed password that is used to protect the integrity of the cacerts file.

  2. If you prefer to use the truststore file (which already contains the certificate), proceed as follows:
    1. Copy the truststore.jks file to your Rule Designer installation directory next to the eclipse.ini file.
    2. Add the SSL properties at the end of your eclipse.ini file. To use the default security certificate, enter the following lines:
      -Djavax.net.ssl.trustStore=truststore.jks
      -Djavax.net.ssl.trustStorePassword=changeme

      Where changeme is the fixed password to be used for the default truststore.jks file.

      To use another security certificate, enter the following lines:

      -Djavax.net.ssl.trustStore=truststore.jks
      -Djavax.net.ssl.trustStorePassword=truststorePwd

      Where truststorePwd is the password that you define for your truststore.jks file.

  3. Restart Rule Designer.
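
A check for step 2, added here as an example and not part of the product documentation: JVM options in eclipse.ini only take effect when they follow the -vmargs line, so the function below confirms that both SSL properties come after it and that the truststore file is present. The function name check_eclipse_ini is hypothetical, and a relative truststore path is assumed to resolve next to eclipse.ini, as in step 2.1.

```shell
# Added example (not IBM code): check the eclipse.ini edits from step 2.
# check_eclipse_ini is a hypothetical helper name. Returns 0 if the settings
# look usable, 1 otherwise, with the reason on stderr.
check_eclipse_ini() {
    ini=$1
    [ -f "$ini" ] || { echo "not found: $ini" >&2; return 1; }
    clean=$(tr -d '\r' < "$ini")          # tolerate Windows line endings

    # Line number of the first -vmargs and of the last occurrence of each property.
    vm=$(printf '%s\n' "$clean" | grep -n -x -e '-vmargs' | head -n 1 | cut -d: -f1)
    ts=$(printf '%s\n' "$clean" | grep -n '^-Djavax\.net\.ssl\.trustStore=' | tail -n 1)
    pw=$(printf '%s\n' "$clean" | grep -n '^-Djavax\.net\.ssl\.trustStorePassword=' \
        | tail -n 1 | cut -d: -f1)

    [ -n "$vm" ] || { echo "no -vmargs line: -D options never reach the JVM" >&2; return 1; }
    [ -n "$ts" ] || { echo "javax.net.ssl.trustStore is not set" >&2; return 1; }
    [ -n "$pw" ] || { echo "javax.net.ssl.trustStorePassword is not set" >&2; return 1; }

    ts_line=${ts%%:*}    # "N:-D...=path" -> N
    ts_path=${ts#*=}     # "N:-D...=path" -> path
    if [ "$ts_line" -le "$vm" ] || [ "$pw" -le "$vm" ]; then
        echo "SSL properties must come after -vmargs" >&2; return 1
    fi

    # Assumption: a relative path is resolved next to eclipse.ini (step 2.1).
    case $ts_path in
        /*) file=$ts_path ;;
        *)  file=$(dirname "$ini")/$ts_path ;;
    esac
    [ -s "$file" ] || { echo "truststore missing or empty: $file" >&2; return 1; }
    return 0
}
```

Run it as `check_eclipse_ini /path/to/eclipse.ini` before restarting Rule Designer; a non-zero exit status means the truststore settings would not be picked up.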

What to do next

Test the connection between Rule Designer and Decision Center to make sure you are able to publish a decision service.