Configure the connection to the REST API endpoint
BlackBerry 2FAserver's REST API endpoint is protected using server-authenticated HTTPS. You must configure your custom services to trust the
BlackBerry 2FAserver. You have the following options:
- You can use the default self-signed certificate generated during installation of theBlackBerry 2FAserver. The default self-signed certificate is located in bb2fa-config/restkeystore.jks. Your client application must be configured to trust this certificate explicitly. The default server port is 5443.
- You can supply your own CA-signed certificate by importing it into aJavakeystore under the “bb2fa” alias (RSA2048 is recommended as the key algorithm). Copy the keystore file into the bb2fa-config directory and update the keystore file name and password on theBlackBerry 2FAserver configuration page inBlackBerry UEM.
- In theBlackBerry UEMmanagement console, on the menu bar, clickSettings>External integration>BlackBerry 2FA server.
- Click the name of the2FAserver that you want to configure.
- In theREST interface configurationsection, enter the information.