Configuring TLS certificates for messaging services

You can configure public key certificates to enable transport layer security (TLS) between messaging services and messaging applications on the internal network.

To configure a secure connection between messaging services and message processing servers or push initiators, configure each endpoint.
  • The key certificates at the messaging services endpoint are stored in the key database and secured by a stash password. The default key database file name is ppg.trusted.kdb. The default stash password is "trusted" and is stored in ppg.trusted.sth.
  • If you use a key database file or stash password file other than the default, specify the file names on the Gateway page of the messaging services properties.
  • For information about configuring the message processing server or push initiator endpoint, see Configuring TLS certificates for message processing applications.
  • For information about changing the stash password, creating a certificate request, submitting the certificate request, storing certificates, and updating the root certificate, see Managing certificates for HCL SafeLinx.
  • After you update certificates in the key database, restart the SafeLinx Server to activate the change.