Skip to Main Content
IBM Sterling

This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal ( - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal ( - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM. - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Submitted
Created by Guest
Created on May 29, 2024

Improving the IBM B2Bi Sterling Integrator logic when a system certificate expires

The B2Bi Sterling Integrator product does not seamlessly pick up or scan the system (netmap or adapters) for a new/valid certificate after a CA expires.

As an IBM customer and a long term B2B Sterling Integrator consumer, on two separate occasions in my environment there have been system certificates that have been renewed in good time ahead of an upcoming expiry.

The certificate was renewed, in this sense in our environment we migrated from CA7 to CA8 in production. We did not remove the CA7 certificate from the associated adapters or netmap configuration, but the new CA8 certificate was present across all of the required locations.

The reason we did not remove the CA7 certificate from our production environment, was because we have interfacing systems and consumers of our product offering which had not yet migrated over to CA7 (we have approx. 30 or 40) consumers, who either send or receive traffic to my B2Bi Sterling Integrator instance.

Unfortunately the CA7 certificate expired in production on 24th May at 00:59, at which point the system did not acknowledge or even pick up the valid and installed CA8 certificate in our environment. This led to a major production level outage across our business and impacted our customers globally.

My ask/idea to IBM here is to review the B2Bi Sterling Integrator logic when a system certificate expires, there should be a way the system can automatically scan the available/installed certificates in order to secure a connection with a Connect Direct partner.

The response from IBM today is that the product is working as per design - when as a customer, we must remove the CA7 certificate from all of the associated Connect Direct adapters and netmap configurations and restart, before the new CA8 certificate would be used for connectivity and file transfer.

What is your industry? Banking
How will this idea be used?

This would prevent system level outages and improve the products ability to maintain availability.

  • Guest
    May 30, 2024

    Consider enhancing certificate replacement functionality generically including HTTPS and FTPS certificates. It would reduce connectivity errors and partner impact if a CD node or adapter, or HTTPS and FTP server adapter certificate is replaced and then automatically refreshed across all instances on all B2Bi nodes. This would include automatically doing cache refreshes to ensure new certificates are available.