Docuflow supports utilizing the JKS format for it's web services API. If you are not familiar with java key stores you can learn more about them here. In most cases inside a keystore a private key is accompanied by the corresponding public key certificate.

To view the certificates currently installed in your docuflow middleware for web services you can view the JKS file using a key store viewer such as https://keystore-explorer.org/

Once downloaded you can open the "keystore.jks" file using the password !DFLOW! to open the JKS file.

The JKS file is located at C:\<docuflow-installation-directory>\config\certificates\keystore.jks

For information on trusted certificates and importing them you can visit the following link https://keystore-explorer.org/doc/5.4/trustedCertificates.html

For information on using a generated key-pair certificate you can visit the following link http://keystore-explorer.org/doc/5.4/keyPairs.html#generate-a-key-pair

Alternatively you can utilize pem and cer files for enrypting the docuflow web service.

Upon any changes of the JKS the service must be restarted.

To enable docuflow to use the following formats you must add to the ini file cert.type = pem under [General Preferences].

Using a generated private key file in pkcs8 format for the server and place in the config folder of the docuflow instance.

Generating the public certifcate for the server. Place in the config folder of the docuflow instance.

Update Config.properties and remove the default values for content.cer.file and content.pem.file with the ones generaged above. Save the file and restart the service.

content.cer.file=your_public.cer content.pem.file=your_private_key_pkcs8.pem