Page tree
Skip to end of metadata
Go to start of metadata

General info

Java Virtual Machine determines which secure layer to use. FIXICC package includes and runs on JRE 1.8.x. Java 8 by default uses TLS 1.2

SSL/TLS between FIXICC UI and FIXICC Agent

TrustStore and keyStore

In order to define SSL/TLS connection between two java application, you need to have TrustStore and KeyStore. Keystores are a special java storage for private and public keys and certificates. 

Here is an example of how to create these storages by using keytool that is part of J2SE SDK(

  1. Create KeyStore. 

    keytool -keystore fixiccKeystore.key -genkey -alias fixicc

    The program will ask for certificate owner information and password, enter 112233 as the password or own for KeyStore 
    After this command, you will have a keystore file in the working directory. 
    This file can be used as a KeyStore and as a TrustStore. In next steps, we will export certificate from this KeyStore and will create TrustStore with this certificate. You can skip next steps and use fixiccKeystore.key as TrustStore.

  2. Export certificate 

    keytool -export -keystore fixiccKeystore.key -alias fixicc -rfc -file fixicc.cer

    Enter 112233 as the password or your password for KeyStore

  3. Create TrustStore

    keytool -import -file fixicc.cer -alias fixiccUI -keystore fixiccTrustStore.key

    Enter 112233 as the password or your password for TrustStore 
    After this command, you will have a keystore file in the working directory that we will use as TrustStore in FIXICC UI.

Enabling SSL/TLS on FIXICC Agent side

To enable SSL/TLS FIXICC Agent it is required to add AgentServerEnableSSL=true parameter to

Also, you need to define your keyStore in additional JVM parameters. To do it you can add two parameters to wrapper.conf.

For example, keyStore has name fixiccKeystore.key and this file has been added to conf directory. 


\[optional\] you can enable debugging SSL/TLS in JVM


After set up configuration you need restart FIXICC Agent. Please check the log file and make sure that the FIXICC Agent started without errors.

Enabling SSL/TLS on FIXICC UI side

To enable SSL/TLS FIXICC UI it needs to add enableSSL=true parameter to

Also, you have to define your TrustStore in additional JVM parameters. To do it you can add two options to 'default_options' parameter in fixicc.conf

For example, TrustStore has name fixiccTrustStore.key and this file is in etc directory.


  • No labels