To establish secure communication between the ECI API (Micro Focus or IBM) and Enterprise Server, you need a Java keystore that includes Enterprise Server trusted certificates that can be used by Java ECI programs. You then import your trusted root certificate into the keystore. Once the keystore is ready, execute the java command to complete the configuration.
To generate a keystore:
keytool -genkey -alias esServer -keyalg RSA -keystore estrustStore.jks
To import the trusted root certificate you set the trusted root certificate to verify the certificate provided by Enterprise Server.
keytool -import -alias esrootcert -file CARootcert.pem -keystore estrustStore.jks
To execute the java command for your ECI programs using the following command-line arguments:
-Djavax.net.ssl.trustStoreType=jks -Djavax.net.ssl.trustStore=c:/MySubversionProjects/ccl/ssl/esRootCert.jks -Dcom.sun.net.ssl.checkRevocation=true
-Dmf.ssl.algorithm=Ibmx509
See Secure Communications (TLS/SSL) for more information on Enterprise Server and CA certificates. Micro Focus also provide a demonstration CA you can use to test your TLS connections. See Using the Demonstration Certificate Authority for more information.