Configuring the keystore on the broker

After you have created the keystore which holds the private key and certificate for the broker, it should be copied to the broker machine and the broker properties configured accordingly.

About this task

To configure the keystore on the broker complete the following steps:


  1. Copy the .p12 or .pem file to the working directory of the broker machine.
  2. Edit the file and configure the TLSCertificateFile property, setting it to the name of the .p12 or .pem file.
    Note: Use DefaultTLSCertificateFile to configure the certificate used for all connections to this broker. Each inbound or broker connection can also be configured to use a different certificate.
  3. Use the TLSCertificatePassphrase property to define a password for the keystore.
  4. Save the properties file.
  5. Restart the broker service.
    Windows systems
    1. Navigate to Control Panel > Administrative tools > Services
    2. Right click Remote Control-Internet Connection Broker and select Restart.
    Linux systems
    Depending on the type of Linux operating system that you are using, you can use one of the following commands to restart the broker service.
    • /sbin/service trcbroker restart
    • /etc/init.d/trcbroker restart


The broker will use the indicated keystore when providing server identity information.