Storing Trusted Certificates Outside of Your Project

Storing trusted certificates in the project requires you to import any new certificates into the project, re-create the enterprise archive file, and re-deploy your project when certificates change or expire. To avoid this problem, you may wish to store your certificates in a folder outside of your project. When certificates change or expire, you can replace certificates or add new certificates and then restart the process engine to load the changes.

To store trusted certificates outside of your project, perform the following procedure:

Procedure 

  1. Create a folder in your file system in the location where you wish to store the trusted certificates. You must copy this folder to each machine where your process engines are deployed, or the location can be a shared network area accessible by all process engines.

  2. In your ActiveMatrix BusinessWorks project, create a global variable named BW_GLOBAL_TRUSTED_CA_STORE. For more information about global variables, see Global Variables.

  3. Set the value of BW_GLOBAL_TRUSTED_CA_STORE to the location of the trusted certificates folder on your file system. The location can either be the same for all deployed engines (that is, you copied it to the same location on each machine or it is a shared network drive), or you can change the value of the global variable when you deploy the project to the location on the machine where you place the trusted certificates.

    The value you set for BW_GLOBAL_TRUSTED_CA_STORE must be a file URL, for example, file:///c:/tibco/certs.

  4. Specify a value in the Trusted Certificates field in the SSL Configuration dialog. When the project runs, the value of BW_GLOBAL_CA_STORE overrides the value you specify with the location you provided.