## Knowledge Base

cancel
Showing results for
Did you mean:

# In what order does a Java Agent look for a truststore location?

1. If the path (including name) of the agent truststore is specified using the <controller-keystore-filename> element in the agent configuration file `controller-info.xml`then agent loads that trustore.
2. If not specified in thecontroller-info.xml, the Java Agent then looks for the truststore file with name cacerts.jks in `<agent_home>/verX.X.X.X/conf` directory.
• Note: The permissions on the cacerts.jks file needs to be 644.
3. If the cacerts.jks file does not exist in `<agent_home>/versionXXXX/conf,` but the application specifies truststore using a JVM argument `-Djavax.net.ssl.trustStore`, then the Java Agent loads that truststore.
4. If the Java Agent can not find the certs in any of the above, it will load the default Java truststore of the JVM being instrumented, `<JRE_HOME>/lib/security/cacerts` (password changeit).

Version history
Revision #:
10 of 10
Last update:
‎03-08-2018 01:16 AM
Updated by:
Labels (1)

Contributors