iWay Application Adapter for Salesforce User's Guide > Certificate Management > Trust Store Management

Trust Store Management

Topics:

This section describes how to configure trust store management.

Downloading the Root Certificate and Intermediate Certificate

Download the client certificate (sfdc-client.cert) from Salesforce website.

Download the intermediate certificate (for example, verisignclass3ca.cer) and the root certificate (for example, verisignintermediateca.cer) according to the client certificate.

Importing the Root Certificate and Intermediate Certificate

Use the following command to import the root certificate:

D:\ certificate>keytool -import -alias verisign_root_ca -file  
verisignclass3ca.cer -keystore truststore.jks -storepass iwaysoft 

Use the following command to import the intermediate certificate:

D:\ certificate>keytool -import -alias verisign_intermediate_ca -file  
verisignintermediateca.cer -keystore truststore.jks -storepass iwaysoft 

Importing the Client Certificate

Before you import the client certificate, verify that the alias is compliant to the certificate.alias key, which is defined in the Salesforce adapter configuration file (LocalStrings.properties). The default is salesforce.

Use the following command to import the client certificate:

D:\certificate>keytool -import -alias salesforce -file sfdc-client.cert 
-keystore truststore.jks -storepass iwaysoft 

Depending on your environment, the following error may be generated during the import process: 

keytool error: java.lang.Exception: Input not an X.509 certificate.

As a workaround, you must transform the client certificate format to a Base64 encoded binary format.

Note: Before you continue, make sure that the root certificate is installed.

Perform the following steps:

  1. On a Windows platform, change the file extension to .CER and double-click the file.

    The Open dialog box is displayed.

  2. Select Install Certificate.
  3. Open Internet Explorer.
  4. From the menu bar, click Tools and select Internet Options from the context menu.

    The Internet Options dialog box opens.

  5. Click the Content tab.
  6. In the Certificates area, click the Certificates button.

    The Certificates dialog box opens.

  7. Select the certificate you imported previously.
  8. Click Export and select Base 64 encoded binary X.509.
  9. Import this format using the following command:
    D:\certificate>keytool -import -alias salesforce -file  
sfdc-client.cert -keystore truststore.jks -storepass iwaysoft 

 iWay Software

Feedback