Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Import certificates without restarting the server (8.3)

Updated on May 3, 2021

You can now import X.509 certificates that are common across platform applications without having to restart your server. Pega Platform™ now includes a platform truststore, which supplements the application server-level truststore. When a certificate needs to be validated, Pega Platform looks for the certificate in the connector definition, the platform truststore, and finally the application server (JVM) truststore. You can add, update, and delete certificates in the platform truststore without having to restart the server, which is useful when TLS certificates are changed for reasons such as key rotation.

Multinode environments require restart to initiate changes.

The following figure shows the activity for adding certificates to a truststore.

"Activity for adding certificates to the platform truststore"
Activity for adding certificates to the platform truststore

For more information, see Importing an X.509 certificate.

  • Previous topic Configure token credentials authentication services (8.3)
  • Next topic Increase flexibility for key management services (8.3)

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us