Has anyone successfully implemented TLS for RACF Source? The documentation seems unclear and leaves several steps open to interpretation. Here are my questions for clarification:
The documentation at Configure TLS Between SailPoint and the Connector Gateway mentions using the API endpoint /api/source/update/sourceID, but it appears this endpoint has been deprecated. Therefore, the documentation needs to be updated to reflect the current API endpoints.
Additionally, the documentation discusses the use of a file called encryptionKeyFile but does not provide instructions on how to generate this file.
Regarding enabling Mutual TLS Authentication, Step 3 requires keystore information, but it’s unclear whether this refers to a custom keystore that needs to be created or the default keystore.jks file, which only the root user can access.
Furthermore, in Step 5, the documentation mentions exporting a certificate from VA, but it doesn’t specify which certificate this refers to or how to export it.
I’ve only recently been getting involved on this forum, hence the late response on this. If you’ve managed to resolve this already, please post your findings too, as I’m curious if anything has changed.
I had implemented RACF at a client some time back with TLS; this is what I recall in response to your questions: