You can now import X.509 certificates that are common across platform applications without having to restart your server. Pega Platform™ now includes a platform truststore, which supplements the application server-level truststore. When a certificate needs to be validated, Pega Platform looks for the certificate in the connector definition, the platform truststore, and finally the application server (JVM) truststore. You can add, update, and delete certificates in the platform truststore without having to restart the server, which is useful when TLS certificates are changed for reasons such as key rotation.

Multinode environments require restart to initiate changes.
 

The following figure shows the activity for adding certificates to a truststore.

For more information, see Importing an X.509 certificate.