IFS Batch Server

If you use a certificate on the application server that is not trusted by any of the CA in the default TrustStore cacerts then you have to add the certificate to TrustStore and let Batch Server know of it. This is done by running java keytool

<ifs_home>\java\bin\keytool -import -alias application-server-cert -file <application_server_certificate_file> 
-keystore <truststore> -password <password_to_truststore>

-import: tells the keytool that you want to import a certificate into a Truststore

-alias: a meta name that you want to associate your certificate with. Give it a descriptive name and not just a certificate or cert#.

-file: Tells keytool which file to import. This is the same path and name as you specified in the previous page.

-keystore: Tells keytool which Truststore to use. Create a new Truststore by supplying a path to a nonexistent file.

-password: Truststores are password protected and keytool needs the password to be able to read and write to the Truststore. If you create a new Truststore this will be the password that Truststore.

When asked if you trust the certificate, say yes. The result of that operations should look like this

Owner: CN=ApacheDS, OU=Directory, O=ASF, C=US
Issuer: CN=ApacheDS, OU=Directory, O=ASF, C=US
Serial number: 128730a7b7c
Valid from: Fri May 07 06:53:06 PDT 2010 until: Sat May 07 06:53:06 PDT 2011
Certificate fingerprints:
         MD5:  E8:43:01:F0:38:40:15:E6:F6:F6:6E:B9:DE:52:51:22
         SHA1: AF:EA:FC:80:1F:31:4F:26:2E:20:71:D9:4F:DA:F7:47:0E:B9:02:89
Trust this certificate? [no]:  yes
Certificate was added to keystore

You can check and see if the you certificate are in the Truststore by using this command.

java\bin\keytool.exe -list -keystore <truststore> -storepass <password_to_truststore>

Running Batch Server for command line

Open Batch Server cmd file and add https:// to the URL variable.

Add this to %JAVA_HOME%\bin\java -server -Xmx128m -classpath %CLASSPATH% last in the bat file.

-Djavax.net.ssl.trustStore="<path_to_TrustStore" 
-djavax.net.ssl.trustStorePassword=<password_to_TrustStore>

Restart the Batch Server

Running Batch Server as Service

Edit the Batch Server ifm file and add https:// to the URL variable.

Add this to $SERVICE.CMD_LINE=&JAVA_HOME\bin\java -server -Xrs -Xmx128m -classpath &CLASSPATH in the ifm file.

-Djavax.net.ssl.trustStore="<path_to_TrustStore" 
-djavax.net.ssl.trustStorePassword=<password_to_TrustStore>

Restart the Batch Server service.