Configuring the application server to access the Cloudant database through HTTPS

Whether you installed the MobileFirst Data Proxy manually or with Ant tasks, if you access the Cloudant® database through HTTPS, and your application server is WebSphere® Application Server full profile, you must configure your certificates. If your application server is WebSphere Application Server Liberty profile, and a self-signed certificate is used to access the Cloudant database, an extra configuration step is required.

For WebSphere Application Server full profile, you must import the Cloudant signer certificate in the WebSphere Application Server truststore to access the Cloudant database through HTTPS. If you connect to Cloudant through the HTTPS protocol, follow steps 1 to 7.

1. Open the WebSphere Application Server console.
2. Go to Security > SSL Certificates and Key Management.
3. In Related Items, click Key stores and certificates.
4. Select NodeDefaultTrustStore.
5. Select Additional Properties > Signer certificates.
6. Click Retrieve from port.
   1. Enter the Cloudant host name and the port, which is by default 443.
   2. Select an alias, for example Cloudant trust store.
   3. Click Retrieve signer information.
   4. Click OK.
7. Click Save.

For WebSphere Application Server Liberty profile, if you access the Cloudant database through HTTPS with a self-signed certificate, you must import this certificate in the cacerts truststore of the JVM that is used by your Liberty server, which you find in: JAVA_INSTALL_DIR\jre\lib\security\cacerts.

8. Use the keytool command that is available in both IBM® JRE and Oracle JRE, as of Java™ 6.
9. For more information, see the Keytool section of the IBM SDK, Java Technology Edition user documentation.
   Note: The password to access this truststore is changeit.