Install a Certificate on the Agent Host

If you need to add a certificate on the agent host, use the keytool to import the certificate in keystore.p12. Installing the certificate enables you to access hosts with self-signed certificates. A certificate is not typically needed.

Note:

If you install a certificate after installing the connectivity agent, you must restart the agent.

See Restart the Connectivity Agent.

Scenarios under which you need to import the certificate in the agent keystore are as follows:
  • The connectivity agent is used with an SSL proxy.

  • The connectivity agent is used to invoke secure (SSL) on-premises endpoints.

To install a certificate on the connectivity agent host:

  1. Go to the agenthome/agent/cert/ directory (keystore.p12 is available here).

  2. Run the following command:
    keytool -importcert -keystore keystore.p12 -storepass password -alias alias_name -noprompt -file certificate_file -trustcacerts

    Where:

    • -storepass password: The default, initial password for the agent keystore. Refer to your keytool documentation for the default storepass password. See keytool.
    • -alias alias_name: Any name to uniquely identify the imported certificate in the keystore.
    • -file certificate_file: Absolute path of the certificate file.