Skip to main content
Woohoo! Qlik Community has won “Best in Class Community” in the 2024 Khoros Kudos awards!
Announcements
Nov. 20th, Qlik Insider - Lakehouses: Driving the Future of Data & AI - PICK A SESSION
cancel
Showing results for 
Search instead for 
Did you mean: 
TSim1679177632
Contributor
Contributor

CXF Keystore

I've defined the keystore settings in org.apache.cxf.http.conduits-common.cfg for my service, but the Talend runtime isn't using them. I get the error message: The location of the trust store has not been set via a system parameter or through configuration so the default value will be used.

I'm following the article: https://help.talend.com/r/en-US/7.3/access-secure-services-with-studio-and-runtime

Labels (1)
  • Cloud

2 Replies
SadlerS
Contributor III
Contributor III

Hello,

 

It seems like you have configured the keystore settings in the "org.apache.cxf.http.conduits-common.cfg" file for your service, but the Talend runtime is not utilizing those settings. Instead, it is falling back to the default trust store location, resulting in the error message you mentioned. mybkexperience

 

To resolve this issue, make sure you have followed the steps outlined in the Talend documentation you mentioned. Here are a few suggestions to troubleshoot the problem:

 

Verify the configuration file: Double-check that you have correctly modified the "org.apache.cxf.http.conduits-common.cfg" file and that the keystore settings are properly defined. Ensure that the file is in the expected location and that the changes are saved.

 

Restart the Talend runtime: After modifying the configuration file, restart the Talend runtime to ensure that the changes take effect. Sometimes, a restart is necessary for the runtime to pick up the updated configurations.

 

Verify the runtime arguments: When starting the Talend runtime, ensure that you are passing the appropriate system parameter to specify the location of the trust store. Check the command or script you use to start the runtime and confirm that the necessary arguments are included.

 

Check the keystore file location: Ensure that the keystore file you are referencing in the configuration is present in the specified location. Verify the file path and permissions to ensure that the runtime can access it.

 

Review Talend runtime logs: Examine the Talend runtime logs for any additional error messages or warnings related to the keystore configuration. The logs may provide more insights into why the runtime is not utilizing the specified keystore settings.

 

 

Dorranceder
Contributor
Contributor

To design a keystore in CXF for secure correspondence, you want to follow these general advances: Make or get a keystore document: You can utilize a device like Java's keytool or OpenSSL to make a keystore record. Official website The keystore record regularly contains a server's confidential key and its comparing testament. Design CXF to utilize the keystore: In your CXF setup, you really want to determine the area and subtleties of the keystore. This should be possible through XML design or automatically, contingent upon your arrangement. XML Setup Model: xml Duplicate code <http:conduit name="*.http-conduit"> <http:tlsClientParameters> <sec:keyManagers keyPassword="keyPassword"> <sec:keyStore type="JKS" password="keystorePassword" file="path/to/keystore.jks"/> </sec:keyManagers> </http:tlsClientParameters> </http:conduit> In this model, the http-conductor is designed with TLS/SSL settings and references the keystore document (keystore.jks). You want to give the right record way, keystore secret word, and key secret key as indicated by your particular arrangement. Determine truststore (whenever expected): notwithstanding the keystore, you may likewise have to design a truststore. A truststore contains believed endorsements that CXF will use to check the character of the server you are speaking with. XML Design Model: xml Duplicate code <http:conduit name="*.http-conduit"> <http:tlsClientParameters> <sec:trustManagers> <sec:keyStore type="JKS" password="truststorePassword" file="path/to/truststore.jks"/> </sec:trustManagers> </http:tlsClientParameters> </http:conduit> In this model, the trustManagers component determines the truststore record (truststore.jks) and its secret key. Change the record way and secret key likewise. Update your application code: Contingent upon how you are utilizing CXF, you might have to refresh your application code to guarantee that CXF is utilizing the designed keystore and truststore for secure correspondence. These are general moves toward design a keystore in CXF. The specific design might shift relying upon your particular use case, sending climate, and CXF form. Counsel the CXF documentation and pertinent assets for additional itemized directions and models well defined for your variant of CXF and organization situation.