Certificate configuration for consumed rest service KeyStoreException: Cannot store non-PrivateKeys
0
Hi, I am trying to connect to a REST service but am experiencing some difficulties with the required certificates to get the connection to work. As far as I know I need two sets of certificates: one chain for the OKTA (oktapreview) domain for the Token (OAuth2) and one chain for the server that I need to consume. What I did is: Download all the certificates via Chrome; Create a new keystore locally using keytool, add all (6) certificates to the keystore; Export the keystore as a pfx; Configure the keystore in Mendix Studio using “ClientCertificates” and “ClientCertificatePasswords”. Next I get this error: “KeyStoreException: Cannot store non-PrivateKeys”. I’m assuming the error is correct since I did not store any private key files in the keystore, just the CER exports. Can anyone tell if I would need a Private Key for each of the certificates in my keystore? Or just a private key for one of the domains? The chances of getting a private key for some of these domains is very small considering how high-level they are. Also the service we’re connecting with (MuleSoft) informed me that parties (non-mendix) are able to connect without the usage of private keys. Thanks,
asked
Bas van der Linden
1 answers
0
You can set up client certificates in the configuration tab in Studio Pro and in the environment details when running in the cloud. See https://docs.mendix.com/howto/integration/use-a-client-certificate/ for details.