Using SSL certificates in a Talend integration job – tSetKeystore

 If you are wanting to use Talend to integrate with web services that require SSL, you will need to use the tSetKeystore component. In this blog I will show you how to import your .cer / .crt files into a .jks (Java KeyStore) and import into your Talend job.

Start with downloading and installing KeyStore Explorer.

Launch KeyStore Explorer and select ‘Create a new KeyStore’

In the selection box that opens, select ‘JKS’

From the menu bar select the red rosette icon (Import Trusted Certificate)

Navigate to the .cer / .crt file and click ‘Open’

Save your JKS. At password prompt enter a password for your JKS (optional).

In the tSetKeystore component settings within your Talend job enter the location of your .JKS and the password (if applicable).

Now, any connections you make to web service’s will use the SSL certificate contained in the Java KeyStore file. For example when using tSOAP, tREST, tESBConsumer  

If its all gone to plan you should no longer receive the error:

java.lang.Exception: nulljavax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed

TIP: if using other components in your job that that connect to other web services or SMTP server eg tSendMail, you will need to use a separate child job and select “Use an independent process to run subjob”. This is because the SSL certificates in your keystore are used for every connection.

 

Leave a Reply