Highlighted
Outstanding Contributor.. yangnigon Outstanding Contributor..
Outstanding Contributor..
421 views

Conceptual question about TLS support for BPM 9.3 with an APM 9.3 connection

Jump to solution

Hi community,

Today, I ran into something about the certs and it gave me different perspectives, so I would like to check some concepts here.

Configuring TLS support for BPM with an APM connection, does BPM need to have a separate keystore which contains/imported a APM server certificate generated by APM?

Or

Does BPM need to have a separate keystore which contains/imported a APM server certficate generated by APM AND a BPM server certificate generated by BPM as well?

Can someone tell me what's the missing in the below for establishing a secure connection between APM and BPM?

On APM server: (3 entry)
Keystore for APM generated
2 CA imported into keystore
An APM generated cert impoted into keystore

On BPM server: (3 entry)
Keystore for BPM generated
2 CA imported into keystore
A BPM generated cert imported into keystore

If someone can answer above questions and providing some insights, I would appreciate it.

Thanks,

Tags (1)
0 Likes
1 Solution

Accepted Solutions
Outstanding Contributor.. yangnigon Outstanding Contributor..
Outstanding Contributor..

Re: Conceptual question about TLS support for BPM 9.3 with an APM 9.3 connection

Jump to solution

It looks like all of certs need to be added to truststore as well including CA and BPM generated cert.

"The 'cacerts' is a truststore. A trust store is used to authenticate peers. A keystore is used to authenticate yourself".

Thanks,

0 Likes
1 Reply
Outstanding Contributor.. yangnigon Outstanding Contributor..
Outstanding Contributor..

Re: Conceptual question about TLS support for BPM 9.3 with an APM 9.3 connection

Jump to solution

It looks like all of certs need to be added to truststore as well including CA and BPM generated cert.

"The 'cacerts' is a truststore. A trust store is used to authenticate peers. A keystore is used to authenticate yourself".

Thanks,

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.