Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Creating the keystore.jks and truststore.jks files

Updated on July 1, 2021

Enabling encryption between nodes secures the data that is transferred across nodes so that it cannot be accessed by unauthorized hosts. Create a keystore.jks for the private key and the associated certificate or certificate chain.

Before you begin: If you already have a self-signed certificate (SSL), go to step 2.
  1. Create a self-signed certificate by entering the following command:
    keytool -genkey -alias <alias> -keyalg RSA -keysize <enter size> -keypass <password>
                -keystore cluster-keystore.jks -storepass <password>
  2. Export the self-signed certificate so that it can be added to the truststore as the trusted certificate by entering the following command:
    keytool -export -alias <alias> -file <certificate> -keystore cluster-keystore.jks
                -storepass <password>
  3. Create the cluster-truststore.jks file by entering the following command:
    keytool -import -alias <alias> -file client.cer -keystore cluster-truststore.jks
                -storepass <password>
What to do next: Uploading the keystore and truststore files.

    Have a question? Get answers now.

    Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

    Did you find this content helpful?

    Want to help us improve this content?

    We'd prefer it if you saw us at our best.

    Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

    Close Deprecation Notice
    Contact us