When a signed plugin is installed, it is verified using certificates in the media kit keystore and the IBM® keystore. The IBM keystore contains public IBM certificates, which are used to verify IBM signed plug-ins. The media kit keystore contains public certificates used to verify third party plug-ins.
If a third party wishes to provide public certificates (including self-signed certificates) to be used to verify plug-ins at install time, use the following procedure:
- Create the following keystore file with no password (using keytool or ikeyman if available). Note: Use the keytool (or ikeyman if available) that is included with the target install JVM. This can also be done programmatically with the target install VM.
Use the following filename for the given target install VM:
Desktop EE VM (default):
- Use keytool (or ikeyman if available) to add certificates to the newly created keystore.
- Place the keystore file in the desktop\\desktop\\deploy directory of the Lotus® Expeditor install.
If supporting more than one target install VM, repeat steps 1-3 using a different VM's keytool (or ikeyman) and a different keystore file name. The deploy
directory can support multiple keystores.
Parent topic: Configuring deployment settings: XPD622