Confidential retrieval of resource objects

IBM® Content Manager supports Secure Sockets Layer (SSL) through the Java™ APIs for communication between thin client applications and the resource manager. Use SSL if your application accesses resource manager objects and runs outside of a secure boundary, such as a firewall.

Requirements

Before you use your application to communicate with the resource manager through SSL, ensure that the HTTP server on the resource manager is enabled for SSL.
When you call the DKLobICM.getContentURLs Java API within your application, it returns a URL. If the URL returned by DKLobICM.getContentURLs is an HTTPS URL, SSL is enabled. If the URL is an HTTP URL, SSL is not enabled.

To enable SSL, edit the cmbrm.ini file, which you can find in the same directory as other properties files. The cmbcmenv.properties file contains an entry called CMCFGDIR, which points to the location of cmbrm.ini file. In the cmbrm.ini file, set the RM_SSL_FOR_URL_RETRIEVES setting to 1. If the setting does not exist, add it.

After you verify that the RM_SSL_FOR_URL_RETRIEVES setting is correct, your application can use the HTTPS URL to securely communicate with the resource manager.

Note that RM_SSL_FOR_URL_RETRIEVES is a global setting, and that after you set it to 1, all URL-based retrieves with all resource managers in the system will use SSL. That means that if your system is set up to work with multiple resource managers, all of the resource managers must support SSL.