IBM Sterling Ideas

Submit new product ideas for IBM Sterling solutions. Before you submit, please review existing ideas; if an idea close to yours already exists, it's better to add comments or vote on the existing idea. We will review your ideas and use them to help prioritize our product development. Best of all, the portal will automatically update you when the status of your idea has been changed.

IBM is transforming its request for enhancement (RFE) process. The purpose of the transformation is to provide a more consistent experience for you to submit requests and to enable IBM product owners to respond to your requests more quickly. For more information click here.

Connect with IBM experts and your peers on the Supply Chain Collaboration Community and the Order Management Interest Group

Provision to Choose Perimeter Server in SSH KEY GRABBER and SSL Certificate GRABBER in UI and Exposing this service via REST API

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Apr 2 2019
  • Under Consideration
How will this idea be used?

SSH KEY Gabber and SSL Certificate Gabber utilities are primarily used by connection analysts to grab the known host keys and certificate chain. These utilities are also used to test the connectivity with the trading partner servers. Depending on the server location (internal to the enterprise or external, on the internet) they would need to choose the respective perimeter server to grab the SSH KEY and SSL Certificates. Giving this selection to the user in the respective user interface would save a lot of time and effort. The process today is really cumbersome and multiple connection analysts cannot use it at the same time, on top of it additional permissions to deployment/services menu is necessary, sometimes adjusting the adapter configuration making the adapter to go to disable state and that is causing the ICC to send an unnecessary alert to operation groups.

Partner on-boarding automation is our and our customer vision, exposing this via REST API would helps that vision.

Also, one other observation after playing with these tools. If the grabber fails the underlying BP is going to "halted" state which is an additional work for operations team to clean them from the system. As a best practice we recommend our customers to code a BP to go to "completed" state even a step fails but we don't follow the same logic in the product?

What is your industry? Aerospace & Defense
What is the idea priority? High
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    10 Apr, 2019 01:14pm

    For anybody encountering this issue, our workaround was to make a duplicate of the SSHKeyGrabberAdapter and SSLCertGrabberAdapter, configure the original adapter to use a perimeter server and the new copy to use the "local" perimeter server.  Then we modified the SSHKeyGrabberProcess and SSLCertGrabberAdapterBP BPs to add an onFault which retries the grabber attempt using the other service.  That way for any key / cert grabber attempt it will try both with and without the perimeter server.


    However I agree with the original post, this functionality should be easily available through the UI and REST APIs without the need to jump through these additional hoops.

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    2 Apr, 2019 02:28pm

    Our company has a competing product has this feature, their team was shocked we did not have this utility.