Guides
Updated On 03 March 2025 | Min(s) read

ClearBank API Gateway Installation Guide

This document aims at explaining the installation procedures required to install the ClearBank Inbound & ClearBank Outbound Camel zip file for the payments and accounts development. The scope of the document is to cover the deployment of the bar file of the ClearBank Inbound and Outbound flow.

The terminology used is as follows:

  • UTP: Unified Temenos Platform.
  • CSR: Certificate Signing Request.
  • PFX: Personal exchange format File.
  • MQ: Message Queue.

System Requirements

The following are the pre-requisites for installing this package.

  • JDK 21.
  • Active MQ 5.19+.
  • Temenos Payment Hub necessary setup for processing the PACS and CAMT xml.

General Considerations

The Temenos Transact firewall restricts the incoming request coming from ClearBank and thus the POC was tested in DMZ machine outside the Temenos Transactnetwork.

The Temenos Payment Hub queue name mentioned in the below ClearBank_InboundPayment and ClearBank_Outbound WAR files is defaulted to the one that were used during the development of the POC. The queue name should be changed or configured to the Temenos Payment Hubinternal queue name available in the Temenos Payment Hubarea.

For ClearBank_InboundAccount WAR file, the new queue has to be created by modifying the standalone-utp.xml file and the same queue has to be associated with the IF exit point for the newly created Account application version.

It is assumed that the necessary information like URL name, certificate name, etc are already updated in the ClearBank simulation environment.

  1. Extract the zip file.
  2. In the start.cmd file for Windows and start.sh file for Linux, set the following details:
    • JAVA_HOME variable: points to java JDK location. E.g: C:\java\jdk21\jre
    • PROVIDER variable: contains the queue broker name. It accepts the following values: jboss, ibmmq, activemq, amazonmq, weblogic.
    • PORT variable: can be any available port number to be used by the package.
    • XSLPATH: path of the XSLT files for the current instance/File type.

    If the above values are not set, then the following values will be defaulted,

    • PROVIDER=activemq,
    • PORT=9999,
    • XSLPATH=%CD%\xsl\.
  3. In Root path of the extracted package kindly change the application.properties as required.

    Do not change the xslt.path here.

    A sample setup is given below:

    Application properties file configurationsApplication properties file configurationsApplication properties file configurationsApplication properties file configurations

  4. The Inqueue name is named TPHPaymentQueue by default at the time of development. This queue message will be picked up by ClearBank_InboundPayment WAR file to sent the same to ClearBank.
  5. To change the default queue name and Clearbank Request URL, the application.properties file of the UKCLBK_ClearBankFpsOutbound.zip can be modified.
  1. Extract the zip file.
  2. In the start.cmd file for Windows and start.sh file for Linux, set the following details.
    • JAVA_HOME variable: points to java JDK location. E.g: C:\java\jdk21\jre.
    • PROVIDER variable: contains the queue broker name. It accepts the following values: jboss, ibmmq, activemq, amazonmq, weblogic.
    • PORT variable: can be any available port number to be used by the package.
    • XSLPATH: path of the XSLT files for the current instance/File type.

    If the above values are not set, then the following values will be defaulted,

    • PROVIDER=jboss,
    • PORT=9999,
    • XSLPATH=%CD%\xsl\.
  3. In Root path of the extracted package kindly change the application.properties as required.

    Do not change the xslt.path here.

  4. A sample setup is given below.

    Application properties file configurationsApplication properties file configurationsApplication properties file configurations

  5. The Inqueue name is named T24AccountQueue by default, since it was used at the time of development of POC. This queue message will be picked up by ClearBank_InboundAccount WAR file to sent the same to ClearBank.
  6. To change the default queue name and Clearbank Request URL, the application.properties file of the UKCLBK_ClearBankFpsOutbound.zip can be modified.

Contents of the Package

CAMEL components are the following:

  • UKCLBK_ClearBankFpsInbound.zip
  • UKCLBK_ClearBankFpsOutbound.zip

Steps for Deploying the Package

Follow the steps below to deploy the package.

Design time configuration steps for ClearBank_InboundAccount are provided below.

  1. A new account application version needs to be created.
  2. The Exit points must be created for the newly created version.
  3. The Temenos Transact Internal JMS queue has to be defined in the IF.INTEGRATION.SERVICE.PARAM application.
  4. The queue has to be configured in standalone-utp.xml of the Temenos Transact area.
  5. Once a new record is committed the Temenos Transact internal JMS queue will get populated with the necessary account details, which will be processed by Exposed API.

The deployment steps are provided below.

  1. Open a command window in the extracted package location, and execute the start.cmd command.

    Syntax:

    start.cmd [ -p provider ] [ -po port ] [ -xp xslPath ]

    Example: Start.cmd –p jboss –po 9999 -xp [path]

  2. Logs will be generated in the log folder for monitoring purpose. E.g. : …\package\log\ console_[providername]_[datetime].txt
  1. Open a command window in the extracted package location, and execute the start.cmd command.

    Syntax:

    stop.cmd

  1. Commands to generate CSR and PFX with Public and private key that can be used in simulation environment.

    # generate a dummy certificate authority

    openssl genrsa -out CA.key 2048

    openssl req -new -x509 -key CA.key -out CA.crt -subj /CN=CA

    # generate the simulation key and CSR (CSR it the thing you need to upload to ClearBank, so they will know about your public key)

    openssl genrsa -out SIM.key 2048

    openssl req -new -sha256 -key SIM.key -out SIM.csr -subj /CN=SIM

    # Create CRT and PFX files

    openssl x509 -req -in SIM.csr -CA CA.crt -CAkey CA.key -CAcreateserial -out SIM.crt

    openssl pkcs12 -export -out SIM.pfx -inkey SIM.key -in SIM.crt

  2. Import the CA certificate provided by Security team in PFX to Keystore JKS format for HTTPS connectivity.

    # Generate PEM file from PFX file

    openssl pkcs12 -in mypfxfile.pfx -out mypemfile.pem

    #Generate P12 format file from PEM file

    openssl pkcs12 -export -in mypemfile.pem -out mykeystore.p12 -name "MyCert"

    # Check the certificate inside the P12 file

    keytool -v -list -keystore mykeystore.p12 -storetype pkcs12

    # Import the P12 and certifictaes in Keystore file

    keytool -importkeystore -srckeystore mykeystore.p12 -destkeystore clientcert.jks -srcstoretype pkcs12 -deststoretype JKS

  1. Convert your extracted Camel pack to TAR file. (Right click > 7 zip > Add to archive > archive format "tar")
  2. Move this tar file to the linux area using winscp. Transfer settings should be 'binary'.
  3. Extract this tar file in Linux area using tera term.
  4. Command: tar -xvf <package name>.tar
  5. Then run start.sh script .

Kindly ensure that start.sh has 'LF' as line separator.

The Cloud deployment includes the below configurations.

Configure the required configurations in values.yaml file.

Values Yaml configurations

The configurations of the MQ connection are displayed below.

MQ Connection configurations

In the LOGGING_CONFIG path configure the log4j2.xml file location present in the image. It is loaded in the root directory as part of the package.

Log Configurations

  1. Update the values.yaml file for increasing the instance count (by default it is one).

  2. Mention the range of memory and cores.

    Range of memory and cores

  3. Update the templates/ukclbk-clearbankfpsinbound-deployment.yaml with the image name as required in the sample below.

    Update the image name

  4. Update the templates/ukclbk-clearbankfpsinbound-deployment.yaml file to configure the container instance of mount location.

    Configure the container instance of mount location

  5. The application port is 8080 and is configured in the values.yaml files. The ports provided in the values.yaml file are referred in the network-policy.yaml, service.yaml and deployment.yaml.
  6. Load balancer source IP range is referred from sourceIP_ranges in the values.yaml file.

    Configurations in the values yaml file

This section explains deployment for the Docker desktop for ukclbk-clearbankfpsinbound and ukclbk-clearbankfpsoutbound Cloud packages.

  1. Check if any images exist (using the docker images command) in the destination system. If so remove them using,
    • docker images --filter reference=ukclbk-clearbankfpsinbound,
    • docker rm <image id>.
  2. Locate the folder where the Dockerfile is located and open command prompt to execute the following command. This will build the image.
    Load Images

    Syntax:

    docker build -t <image name>.<tag> <location>

    Eg.: docker build -ukclbk-clearbankfpsinbound:dev.

    Docker build image

  3. Start Kubernetes, in this example it uses Kubernetes provided by Docker desktop.

    Start Kubernetes

  4. Start a local docker registry server using docker image that will be used as a container registry hosting all the ukclbk-clearbankfpsinbound images deployment.

    Start local docker

    Start Local Registry

    Syntax:

    docker run -d -p 5000:5000 --restart=always --name registry registry:2

    Start local registry

  5. Once the registry is started, it needs to tag and push the images that were loaded earlier. Syntax and samples for tag and push is mentioned below.
    Docker Tag Images

    Syntax:

    docker tag <Repository> <local registry host>:<local registry port>/<repository>:<tag>

    where,

    Repository – ukclbk-clearbankfpsinbound

    local registry host – localhost

    local registry port – 5000

    tag – dev

    Eg: docker tag ukclbk-clearbankfpsinbound:dev localhost:5000/ ukclbk-clearbankfpsinbound:dev

    Docker tag

    Docker Push Images

    Syntax:

    docker push <local registry port>/<repository>:<tag>

    Eg: docker push localhost:5000/ukclbk-clearbankfpsinbound:dev

    Push the images

  6. Navigate to helm folder and start services using below command.
    Start Services

    Syntax:

    helm install -name <<image name>> . -n <<image namespace>> --create- namespace

    Eg: helm install -name ukclbk-clearbankfpsinbound . -n ukclbk-clearbankfpsinbound --create-namespace

    Start services

  7. If the application is running, POD log will be generated with the keyword 'ACCEPTING_TRAFFIC'.
  8. To uninstall the service use the below command:

    helm uninstall <<image name>> -n <<namespace name>>

    Eg: helm uninstall ukclbk-clearbankfpsinbound -n ukclbk-clearbankfpsinbound

  1. Check if any images exist (using the docker images command) in the destination system. If so remove them using,
    • docker images --filter reference=ukclbk-clearbankfpsoutbound,
    • docker rm <image id>.
  2. Locate the folder where the Dockerfile is located and open command prompt to execute the following command. This will build the image.
    Load Images

    Syntax:

    docker build -t <image name>.<tag> <location>

    Eg.: docker build -ukclbk-clearbankfpsoutbound:dev.

    Docker build image

  3. Start Kubernetes, in this example it uses Kubernetes provided by Docker desktop.

    Start Kubernetes

  4. Start a local docker registry server using docker image that will be used as a container registry hosting all the ukclbk-clearbankfpsoutbound images deployment.
    Start Local Registry

    Syntax:

    docker run -d -p 5000:5000 --restart=always --name registry registry:2

  5. Once the registry is started, it needs to tag and push the images that were loaded earlier. Syntax and samples for tag and push is mentioned below.
    Docker Tag Images

    Syntax:

    docker tag <Repository> <local registry host>:<local registry port>/<repository>:<tag>

    where,

    Repository – ukclbk-clearbankfpsoutbound

    local registry host – localhost

    local registry port – 5000

    tag – dev

    Eg: docker tag ukclbk-clearbankfpsoutbound:dev localhost:5000/ ukclbk-clearbankfpsoutbound:dev

    Docker tag

    Docker Push Images

    Syntax:

    docker push <local registry port>/<repository>:<tag>

    Eg: docker push localhost:5000/ukclbk-clearbankfpsoutbound:dev

    Push the images

  6. Navigate to helm folder and start services using below command.
    Start Services

    Syntax:

    helm install -name <<image name>> . -n <<image namespace>> --create- namespace

    Eg: helm install -name ukclbk-clearbankfpsoutbound . -n ukclbk-clearbankfpsoutbound --create-namespace

    Start services

  7. If the application is running, POD log will be generated with the keyword 'ACCEPTING_TRAFFIC'.
  8. To uninstall the service use the below command:

    helm uninstall <<image name>> -n <<namespace name>>

    Eg: helm uninstall ukclbk-clearbankfpsoutbound -n ukclbk-clearbankfpsoutbound

Copyright © 2020- Temenos Headquarters SA

Contact Us

knowledge@temenos.com

Published on :
Tuesday, September 2, 2025 12:58:45 PM IST