- This line was added.
- This line was removed.
- Formatting was changed.
NOTE: For authentication with HTTPS sources/targets, SOAP web services, or SFTP, instead refer to these topics:
Jitterbit uses standard HTTPS to communicate securely over the Internet. Jitterbit applications that are installed locally – including Private Agents, Design Studio, and Data Loader – include a trusted keystore containing all of the certificates that are needed to communicate securely.
You may need to add a new certificate to the Jitterbit Java keystore if, for example, you are using a proxy server and need to allow the Jitterbit local client to communicate securely through the proxy server.
This page contains generic instructions for manually adding certificates to the Jitterbit Java keystore.
Java KeyStore (JKS)
You must be in Administrator mode in order to run Java Keytool commands. Any of the Java Keytool commands presented in this document may be used by substituting the home directory for the product you are working with:
Jitterbit local applications use the standard Java KeyStore (JKS) repository bundled with Java as the repository of all certificates. The keystore is named "cacerts" and is located in these directories:
Certificates must be installed into the
Change Default Password
The default password for the Jitterbit Java keystore is the default password for any JKS, which is "changeit". It is recommended that you change the password using this command:
Get List of Certificates
To list all of the certificates in the Jitterbit Java keystore, use this command:
<Jitterbit Agent Home>\jre\bin\keytool -importcert -trustcacerts -alias <alias> -file <certfile> -keystore <Jitterbit Agent Home>\jre\lib\security\cacerts
<Jitterbit Agent Home>/jre/bin/keytool -importcert -trustcacerts -alias <alias> -file <certfile> -keystore <Jitterbit Agent Home>/jre/lib/security/cacerts
Upgrade or Reinstall Jitterbit
You must install the certificate(s) in the
\jre\lib\security folder that Jitterbit ships with the product each time you upgrade or reinstall Private Agent(s), Design Studio, or Data Loader.
Renew or Replace Certificates
Each time you change the certificate(s) that are used, it will be necessary to get the new certificate(s) from your network administrator or third-party vendor and install them in the
\jre\lib\security folder that Jitterbit ships with the product.
Troubleshoot Certificate Issues
Additional steps to troubleshoot certificate issues are available at Check for Valid SSL Certificate or Proxy Filter Setting Error Message.
Additional KeyTool command resources are available:
Configure a Private Agent to Not Accept All Certificates By Default
When installing a Private Agent, all certificates are accepted by default. If you do not want to accept all certificates by default, these steps are recommended before deploying an agent to production:
- Add the list of certificates originating from the proxy server using the Add a New Certificate command above.
Configure the Private Agent to validate against the list of certificates in its keystore using this command:
Code Block title Windows
Code Block title Linux
Last updated: lastmodifieddate