Configuring a keystore by using a URL reference

To configure a keystore, you can reference, by URL, a keystore file that contains public keys.

Before you begin: Complete the following tasks:
  • Create a keystore data instance in Pega Platform with Keystore location set to Reference to URL.
  • Ensure that the URL is accessible. If the required HTTPS certificate is not in the cacerts keystore or an equivalent application server-level truststore, you must import the certificate into that truststore and restart the server.

  1. Open a keystore from the navigation panel by clicking Records > Security > Keystore and selecting a URL reference keystore from the instance list.
  2. In the Keystore url field, enter the URL address of the keystore file, for example: https://www.pegasystems.com/prweb/PRRestService/keys/v1/jwt/JWTGenerationProfile.
  3. In the Keystore type list, select the keystore type:
    • JSON Web Key (JWK)
    • Microsoft authentication metadata
  4. Select the refresh strategy for your keystore.
    • Reload once per interaction – Disable caching of the keystore file. Choose this if the keystore might change unexpectedly.
    • Cache keystore (default) – Cache the keystore, with the caching time set to 3600 seconds. You can override the caching time in the Reload after field.
  5. Click Save.
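
A pre-flight check for the JWK keystore type, as an added example that is not Pega code: it confirms that the keystore URL uses HTTPS and that an already downloaded JWK Set holds only well-formed public keys. The function names and the sample documents are assumptions made for this illustration, and the Microsoft authentication metadata type is not covered.

```python
import json
from urllib.parse import urlparse

# RFC 7518 JWK members: private ones must be absent, REQUIRED ones present.
PRIVATE_MEMBERS = {"d", "p", "q", "dp", "dq", "qi", "oth"}
REQUIRED = {"RSA": {"n", "e"}, "EC": {"crv", "x", "y"}, "OKP": {"crv", "x"}}

def check_keystore_url(url):
    """Return problems with the keystore URL itself."""
    parts = urlparse(url)
    problems = []
    if parts.scheme != "https":
        problems.append("URL scheme is not https")
    if not parts.hostname:
        problems.append("URL has no host")
    return problems

def check_jwk_set(text):
    """Return problems found in a JWK Set document (RFC 7517)."""
    try:
        doc = json.loads(text)
    except ValueError as exc:
        return [f"not valid JSON: {exc}"]
    keys = doc.get("keys") if isinstance(doc, dict) else None
    if not isinstance(keys, list) or not keys:
        return ["no non-empty 'keys' array"]
    problems, seen = [], set()
    for i, key in enumerate(keys):
        if not isinstance(key, dict):
            problems.append(f"#{i}: entry is not a JSON object")
            continue
        label, kty = str(key.get("kid", f"#{i}")), key.get("kty")
        if not isinstance(kty, str) or kty not in REQUIRED:
            problems.append(f"{label}: kty {kty!r} is not RSA, EC or OKP")
            continue
        leaked = sorted(PRIVATE_MEMBERS & set(key))
        if leaked:
            problems.append(f"{label}: private members present: {leaked}")
        missing = sorted(REQUIRED[kty] - set(key))
        if missing:
            problems.append(f"{label}: missing public members: {missing}")
        if label in seen:
            problems.append(f"{label}: duplicate kid")
        seen.add(label)
    return problems

# Constructed sample documents (not real keys).
SAMPLE_GOOD = '{"keys": [{"kty": "RSA", "kid": "constructed-1", "n": "constructed", "e": "AQAB"}]}'
SAMPLE_BAD = '{"keys": [{"kty": "RSA", "kid": "constructed-2", "n": "constructed", "e": "AQAB", "d": "constructed"}, {"kty": "EC", "kid": "constructed-2", "crv": "P-256", "x": "constructed"}]}'
```

An empty list from both functions means no problem was found; the check does not replace the truststore prerequisite, because it does not open a TLS connection.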