Working with SSL-enabled endpoints

When a customer has a Connector rule for an HTTP-based protocol such as HTTP, SOAP, REST, and sometimes Email, they may point to an SSL-enabled ("https") endpoint. The service that is connected to will provide an SSL certificate in order to identify itself and secure the connection.

The Application Server verifies the certificate that another service provided. When Pega Platform is deployed in tomcat, typically the default java trust store is in use. IBM Websphere has its own trust store, controlled in the Admin Console.

When the certificate provided by a service is not in the trust store, or otherwise not trusted (for example, it is out-of-date or issued to a different organization), the connection cannot be completed and an exception results.

Ensure that the application server's trust store is set up correctly.