AcdntlPoet 2700019V2G Visits (587)
While working the front lines in support over the past 16 years of my career, a small handful of issues always seem to crop up as the most requested items when clients call in. One of those items was consistently in depth question on how to setup SSL for any of the products I was supporting. So, of course I'm going to highlight an SSL article when it comes across my plate, as I know how important these types of setups are to you, or clients, with a focus on ensuring your environment's security.
Luckily, John Chewter, Chief Architect for Green Hat Technologies in IBM has written a wonderfully detailed article on developerWorks outlining this process for IBM Rational Integration Tester:
Using SSL within Rational Integration Tester- Overview of key material, the SSL handshake, and its use in Rational Integration Tester transports. Learn how to configure SSL and use the key material in IBM® Rational® Integration Tester to test and virtualize secure services.
Summary: This article explains the various key material types and how they are used within Rational Integration Tester so that it can connect to and test applications secured using SSL. In Part Two we explore how to use the HTTP(S) proxy server to record and re-route secure traffic by using existing key material, or by using the certificate and key that is included in the HTTP proxy server, within the Rational Integration Tester Platform Pack.
Sumant Renukarya 270002B42N Visits (1836)
If there is a need to know the cipher used by CLM applications or RTC and the level of encryption used for web-clients, this blog should be of some help.
Cipher refers to the algorithm used for performing encryption and decryption of the data.
Generally, SSL (Secure Socket Layer) is used for data encryption, decryption and transmission using certificates or smart cards. However, this also depends on the kind of Application server being used. Based on the kind of application server in use, the respective product documentation should have the details on the cipher used.
Websphere Application Server, Apache Tomcat
a. For Internet Explorer, login to RTC and then right click on the web-page --> Properties;
b. For Firefox web-browser, if one hovers and clicks on the padlock symbol prior to URI in the address bar, say before https: //ho
So, if the RTC/CLM installation is based on Websphere Application Server (v7.0), the site supports a minimum cipher strength of 168 bit encryption. This, can be confirmed by looking into the properties for ccm application web-page and the application server documentation.
By default, using the Apache Tomcat application server the site supports a minimum cipher strenght of 128 bit encr
The cipher indicates that the data is encrypted between the Internet browser and the Server. It doesn’t encrypt the data on the database itself.
This is what is behind the HTTPS protocol and is managed by the Application server. RTC is only an application installed on top of Jazz, which is installed on WebSphere.
Here is the link for the WebSphere v 7.0 documentation - About "TLS 1.0, 3DES with 168 bit encryption (High)". This explains SSL Version 3 and TLS Version 1.0 cipher specifications: http