If you want to use Talend to integrate with web services which require SSL, you will need to use the tSetKeystore component. In this blog I will show you how to import your .cer / .crt files into a .jks (Java KeyStore) and then how to use the .jks in your Talend job.
Start with downloading and installing KeyStore Explorer.
Launch KeyStore Explorer and select ‘Create a new KeyStore’
In the selection box that opens, select ‘JKS’
From the menu bar select the red rosette icon (Import Trusted Certificate)
Navigate to the .cer / .crt file you wish to use and click ‘Open’
Save your JKS. At password prompt enter a password for your JKS (optional).
In the tSetKeystore component settings within your Talend job enter the location of your .JKS and the enter the password (if applicable).
Any connections you make to web service’s will now use the SSL certificate contained in the Java KeyStore file. For example when using tSOAP, tREST, tESBConsumer.
If its all gone to plan you should no longer receive the error:
java.lang.Exception: nulljavax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed
.
TIP: if you are using other components in your job that connect to other web services or an SMTP server for example e.g. tSendMail, then you will need to use a separate child job and select “Use an independent process to run subjob”. This is because the SSL certificates in your keystore are used for every connection.
