Generate a Java Keystore (JKS) file and configure security on your ServiceNow instance

Watch

Save as PDF

Share this page

Feedback

Extend Now Platform capabilities

HomeVancouver Now Platform CapabilitiesExtend Now Platform capabilitiesConversational InterfacesVirtual AgentConfiguring Virtual AgentConfigure Natural Language Understanding in Virtual AgentConfigure Google Dialogflow ES as the NLU provider for Virtual AgentGenerate a Java Keystore (JKS) file and configure security on your ServiceNow instance

Table of Contents

Generate a Java Keystore (JKS) file and configure security on your ServiceNow instance

Release version:
Vancouver
Yokohama
Xanadu
Washington DC
UpdatedAug 3, 2023
3 minutes to read

Vancouver
Virtual Agent

The Vancouver release is no longer supported. As such, the product documentation and release notes are provided for informational purposes only, and will not be updated.

To use Google Dialogflow as your NLU provider for Virtual Agent, use the private key you downloaded to generate a JKS file and set up authentication in your ServiceNow instance.

Before you begin

Make sure the Java Development Kit (JDK) is installed on the system.

Role required: admin

About this task

Note: Google Dialogflow uses OAuth2.0 for authentication.

Procedure

Open a command shell window.
To create a JKS file from the P12 file, do the following:
1. Run the following command:
```
keytool -importkeystore -srckeystore /local_dir/myprivatekey.p12 -srcstoretype pkcs12 -destkeystore /local_dir/myprivatekey.jks -deststoretype JKS
```
  In this example, /local_dir/myprivatekey.p12 points to the private key that you downloaded in the previous step.
2. When prompted, enter notasecret for the destination keystore password and the source keystore password.
  notasecret is the private key password you noted from the previous step. You will enter this password three times.
A JKS file is created in the same directory.

In your ServiceNow instance, add the JKS file to the Google Dialogflow X.509 certificate record:

Navigate to All, and then enter sys_certificate.list in the filter.
Select Google Dialogflow X.509 Certificate to open the record.

On the form, fill in the fields as follows.


Field	Value
Type	Select Java Key Store.
Key store password	Enter the private key password that you specified when creating the JKS file (`notasecret`).
Active	Select this option to activate the certificate.

Select the attachment icon and upload the JKS file to the record.
Under Related Links, select Validate Stores/Certificates.
You should see a Valid key_store message.
Select Update.

In your ServiceNow instance, update the Google Dialogflow JWT (JSON Web Token) Keystore alias record.

Navigate to All, and then enter jwt_keystore_aliases.list in the filter.
Select Google Dialogflow JWT Keystore to open the record.

On the form, fill in the fields as follows.

Search:


Field	Value
Signing Keystore	Select Google DialogFlow X.509 Certificate.
Signing Algorithm	Select RSA 256.
Signing Key	Enter the private key password that you specified when creating the JKS file (`notasecret`).
Key Id	Leave this field empty.

Select Update.

In your ServiceNow instance, update the Google Dialogflow JWT provider record.
1. Navigate to All, and then enter jwt_provider.list in the filter.
2. Select Google Dialogflow JWT Provider to open the record.
3. In the Signing Configuration field, select Google DialogFlow JWT Keystore.
4. In the Standard Claims related list, enter the email address for your Google Dialogflow agent service account as the Claim Value for the iss entry.
  
  For more information, refer to Create a service account and private key in Google Dialogflow ES.
5. Select Update.

In your ServiceNow instance, update the Google Dialogflow NLU OAuth Provider record:

Navigate to All, and then enter oauth_entity.list in the filter.
Select Google Dialogflow NLU to open the record.

On the form, fill in the fields as follows.


Field	Value
Client ID	Enter the unique ID for your Google Dialogflow agent service account that you saved from a previous step.
Client Secret	Enter the private key password that you specified when creating the JKS file (`notasecret`).
Default Grant Type	Select JWT Bearer.

Select Update.

In your ServiceNow instance, update the GoogleDialogFlowESNLUPrediction system alias.
1. Navigate to All, and then enter sys_alias.list in the filter.
2. Select GoogleDialogFlowESNLUPrediction to open the record.
3. Select the Connection Attributes tab and find the EnvID record.
4. In the Default value column, update the value with the name of the Google Dialogflow environment where the agent was published.
  The default value is prod.
5. Select Update.
Specify Google Dialogflow ES as your NLU provider in Virtual Agent.
For more information, see Configure Natural Language Understanding in Virtual Agent.

Was this topic helpful?

Yes No

Create a service account and private key in Google Dialogflow ES

Activate the Google Dialogflow ES service and enable it in your instance

Create a service account and private key in Google Dialogflow ES

Activate the Google Dialogflow ES service and enable it in your instance

Vancouver Now Platform Capabilities

Filters

Versions

Products