Import the trusted mutual TLS certificates into the BEMS keystore
In environments where the metadata endpoint is protected by mutual TLS authentication, you must import the mutual TLS certificate into the
BEMSkeystore. Adding this certificate allows
BEMSrespond to mutual TLS verification requests as required. Use DBManager to import the certificates. By default, DBManager is located in the installation folder at <
Save a copy of the .pfx certificate that you exported from the Certificate Authority to a convenient location on the computer that hosts
- On the computer that hosts the on-premises BEMS, verify that the PATH System variable includes the path to the JAVA directory.
- In a command prompt, typeset | findstr "Path".
- Import the mutual TLS certificate.
- On the computer that hostsBEMS, in a command prompt run as administrator, navigate to DBManager.
- Type,tools\dbmanager\target>java -classpath "*" com.good.tools.db.client.Client -dbHost "localhost" -dbName "BEMS_DB_name" -dbType sqlserver -action addprivatekey -keyPassword "password" -p12File "<certificate_file-path>/<file name>.pfx" -alias "mutualTLS" -tenantId "default" -integratedAuth true
- In theWindowsService Manager, restart theGood Technology Common Servicesservice.
- Repeat step 4 on each computer that hosts theBEMS-Mailcomponent.