Adding SSL certificates - 3.12

Data360 Analyze Server Help

Data360 Analyze
Product family
Product name
Data360 Analyze
Data360 Analyze Server Help
First publish date

This topic describes how to add SSL (Secure Sockets Layer) certificates to Data360 Analyze.

Note: SSL settings are not maintained during upgrade.

Running nodes to connect over HTTPs to 3rd party systems

You can use the nodes, for example, HTTP node, salesforce nodes to request resources from remote servers over HTTPS to 3rd party systems. If a custom certificate is used for HTTPS, you need to work with your system administrator to install the custom certificate in the Data360 Analyze keystore to enable the HTTP node to connect:

Step 1 - Exporting the certificate

Step 2 - Installing the certificate

Tip: If you have a certificate that is on the standard Java trusted certification list, then you can skip to Installing the certificate.

Exporting the certificate to a file (Windows example)

  1. From the Windows Start menu, navigate to Control Panel > Network and Internet > Internet Options.
  2. Select the Content tab and click the Certificates button.
  3. Select the appropriate certificate and click Export.
  4. Save the certificate file to the machine where the server is installed, and make a note of the save location, for example c:\users\Administrator\Desktop\certificate_name.cer.

Installing the certificate

You must add certificates to the Data360 Analyze keystore in order for the HTTP node to use them. You can use the Java Keytool that ships with Data360 Analyze to add new certificates.

The Java Keytool (located at <installationDirectory>\jre\bin) stores the keys and certificates in what is called a keystore, where its entries are protected by a keystore password. A keystore entry is identified by an alias, and it consists of keys and certificates that form a trust chain. Each certificate in a Java keystore is associated with a unique alias.

To add new certificates to the Data360 Analyze keystore:

  1. Use the Java keytool utility to import the certificate into the Java Store by running the following command, where <alias>, <Data360Analyze Install Directory> and <path-to-certificate> are replaced with custom values:

    keytool -import -alias <alias> -keystore <Data360 Analyze site directory>/cust-keystores/cacerts -file <path-to-certificate-file>

    Tip: You can replace <alias> with any value, for example customCertificate.
    Note: <Data360 Analyze site directory> is specified at installation. The default location is C:\Users\<username>\Data360 Analyze\data-7731 on Windows or /home/<user>/Data360 Analyze/data-7731 on Linux.
    Note: The path locations for the cacerts keystore was <installationDirectory>\jre\lib\security\cacerts (for versions older than 3.8.5 and in 3.10.0 ) and it is now changed to <siteDIrectory>\cust-keystores\cacerts.

  2. When prompted for the keystore password, enter the following default password: changeit. We recommend that you do not change the password as changing it may result in nodes failing.
  3. When asked if you wish to trust this certificate, type yes.

    A message is displayed stating that the certificate was added to the keystore and Java will now treat this certificate as trusted.

Removing browser certificate warnings

You may need to install a trusted certificate locally, for example if you are accessing public sites that use certificates from providers that are not on the standard Java trusted certification list, or if you are using your own internal certification authority. The following steps give an overview of how to do this in Chrome and Internet Explorer 11.


  1. Click the padlock icon in the browser address bar.
  2. Click Details, then View Certificate.
  3. Open the Details tab.
  4. Click Copy to File.
  5. The Certificate Export Wizard will guide you through the process. When prompted, select Base-64 encoded X.509 (.CER), then click Next.