As we have seen, many IBM® Unica® application components can act as both server and client during normal operations, and some
IBM® Unica® components are written in Java and some in C++. These facts determine the format of the certificates you use. You specify the format when you create a self-signed certificate of purchase one from a CA.
Remember, IBM® Unica® applications do not require a truststore when they act as a client making one-way SSL requests to an
IBM® Unica® server component.
For IBM® Unica® applications written in Java, using the JSSE SSL implementation, and deployed on an application server, you must configure the application server to use your certificate. The certificate must be stored in JKS format.
The Campaign listener,
Optimize server component, the
PredictiveInsight server component, and
Attribution Modeler listener are written in C++, and require a certificate stored in PEM format.
For IBM® Unica® applications written in Java and deployed on an application server, no truststore is needed. For ease of configuration,
IBM® Unica® Java applications acting as a client do not authenticate the server during one-way SSL communications. However, encryption does take place.
For applications written in C/C++ and using the OpenSSL implementation, no truststore is needed. The Campaign listener,
Optimize server component,
PredictiveInsight server component,
Attribution Modeler listener, and NetInsight fall into this category.
If you do not want to use multiple certificates, you can use the same certificate for all the IBM® Unica® components acting as servers, if it is the correct format (that is JKS for Java components and PEM for C++ components). If you use one certificate for all applications, when users access
IBM® Unica® applications for the first time, the browser asks whether they want to accept the certificate.