Hi all,
How can I trace which certificate in which keystore of my app is used when I call a specific api with https
@PhuP16948644 When you call an API with HTTPS, Pega Platform relies on the Application Server to “trust” the certificate that another service provided. If the certificate provided by a service is not in the truststore, or otherwise not trusted, Pega Platform cannot complete the connection and an exception such as “Peer not authenticated” results. To trace which certificate is used, you can use the SSL debug system property (-Djavax.net.debug=ssl) in your Application Server. This will print out the SSL handshake details, including which certificate is being used for the connection.
This is a GenAI-powered tool. All generated answers require validation against the provided references.
Working with SSL-enabled endpoint
Secure the transport layer in integrations
To trace which certificate in which keystore of your app is used when calling a specific API with HTTPS, you can rely on the Application Server to ‘trust’ the certificate provided by the service.
When Pega Platform is deployed in Tomcat, it usually means that the default java truststore is in use.
IBM WebSphere has its own truststore, controlled in the Admin Console. You need to ensure that the application server’s truststore is set up correctly to establish the trust for the certificate used when making the API call.