Share all details about your problem, including any error messages you may have received.
I am attempting to follow the documentation to configure our Epic connector. it mentions a Certificate that needs to be imported. Does anyone have any more detailed steps on how to do this? Is this a certificate that comes from Epic, or is this a certificate that I need to get?
Hi @jhaase1 - yes you will need the server cert and any root or intermediate ones based on the CA for the Epic host. Add this to your keystore and restart IIQ. If Epic is behind a proxy or VIP, the cert may need additional Subject Alternative Names added to the cert for the individual servers. IIQ will let you know that after a test connection though once the cert is imported.
I’m attaching a link where IQService Cert has been imported to keystore. In similar way, you can import your target server certificate to your keystore. First you need to identify whether you are using default keystore cacerts or custom keystore.
Thank you so much for your quick responses.
I have now imported the server root certificate from my application server into my keystore “cacerts”, and updated my java options with the path to the trust store as well as the password.
I am now seeing the below error when I test the connection.
Thank you so much for your help as I work through this.
Hi @jhaase1 - Make sure that your app server has been restarted. This error usually is an issue with the trust store. Like @Arpitha1 stated, can you verify if you are using the JVM store or if there is one configured in tomcat server.xml or in iiq.properties?
If you are using the default java keystore (cacerts) you do not need the options. This error is the JVM looking for the cert in the keystore and not finding a valid one. Verify the path the JVM is using to make sure the cert you added is there. Also make sure you have any root certificates if it is an internal CA or other that is not included by default.