1

We have a java client (mule app) which is using JTOpen for connecting to the AS400 system.
The connection is secured with SSL. The driver is using the JRE truststore (jssecacerts, cacerts) by default.

We would like to specify a custom truststore for the JTOpen session.

The only way to do this that I found in the documentation is to configure the javax.net.ssl.trustStore system property.
But this is a global property that may affect other applications. So, we are looking for the alternative.

Is there another way of specifying a path to a truststore for JT400, so, that it would not affect other applications running on the same VM system? May be a connection parameter or the driver specific property?

jmarkmurphy
  • 11,030
  • 31
  • 59
spoonboy
  • 2,570
  • 5
  • 32
  • 56
  • The JTOpen driver just uses the SSL support provided by the JVM. So there is no way to provide a trust store that would not be used by other Java code using the same JVM. Do you really have many application sharing the same JVM? You can specify the JVM javax.net.ssl.trustStore property when you start the JVM using JTOpen, so you don't have to change the global SystemDefault.properties file. – jweberhard Mar 28 '19 at 18:01
  • Yes, I'm aware about the javax.net.ssl.trustStore as you could see from the description. And, yes, there are multiple applications (a couple of dozens) running under the same JVM. It's a mule server. Generally, this is a standard challenge and most of the drivers provide some way of specifying a custom trust store. For MQ we override the sSLSocketFactory, for example. For other drivers, we override the trust manager. So, I hope that something similar is possible with JTOpen as well. – spoonboy Mar 28 '19 at 20:36

0 Answers0