If you setup Secure+ during the install you need to import certificates from C:D on C:D WebServices

Bellow i provide some common error messages that happens when not configured.

Procedure

Import from C:D keystore to C:D WS Trusted Store - in same machine

I will import from cdkeystore.kdb to trustedkeystore.jks

cd /home/cdadmin02/cdunix/jre/ibm-java-x86_64-80/jre/bin

./ikeycmd -cert -import \
 -db /home/cdadmin02/cdunix/ndm/secure+/certificates/cdkeystore.kdb -pw changeit -label CDInternal \
 -target /opt/MFTWebServices/mftws/BOOT-INF/classes/trustedkeystore.jks -target_pw changeit -new_label CDNODE02-CDInternal

Common Error Messages

The following message erros can confirm this situation when you try to connect to C:D on User Functions

• Error on C:D WebService

Connect:Direct server is in stop state or ipAddress/port is invalid 

• Error on C:D log

STAR=20230425 19:38:58.479|CCOD=8|RECI=CSPA|RECC=CAEV|OSID=17600|TZDI=-25200|MSGI=CSPA304E|MSGT=Client connection is not secure.  Message ID CSPA304E, rc=8, fdbk=0.
STAR=20230425 19:38:58.481|RECI=CXIT|RECC=CAEV|OSID=17318|TZDI=-25200|MSGT=CMGR exited.  Pid=17600.  Exitcode=0.

Check your configuration

You can check using command

cd /home/cdadmin02/cdunix/etc
./cdcustrpt

check the following in cd.support.rpt

SPCLI> display all;
...
 Name=.Client
 Type=R
 Protocol=(TLS1.2,TLS1.3)
 Override=N
 SecurityMode=DefaultToLN
 AuthTimeout=120
 KeyCertLabel=CDInternal
 ClientAuth=Y
 CipherSuites=(TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,...)

Check

cd /home/cdadmin02/cdunix/jre/ibm-java-x86_64-80/jre/bin/
./ikeycmd -cert -list -db "/home/cdadmin02/cdunix/ndm/secure+/certificates/cdkeystore.kdb" -pw changeit

the output

Certificates in database /home/cdadmin02/cdunix/ndm/secure+/certificates/cdkeystore.kdb:
  CDInternal

Ver também

• IBM Sterling
• IBM Sterling Connect:Direct
• Artigos sobre Cloud
• Mais Artigos sobre Cloud / WebDev / Tecnologias