Sterling Secure Proxy and AS4 Microservices

You can configure Sterling Secure Proxy to act as a reverse proxy server for AS4 Microservice.

Sterling Secure Proxy as a Reverse Proxy

A reverse proxy accepts messaging requests from your trading partners and responds on your behalf as a proxy to your system. A reverse proxy also masks your IP address and HTTP details as messages are passed back and forth, protecting your system from outside attacks.

Deploying Sterling Secure Proxy with AS4 Microservices

To set up Sterling Secure Proxy to redirect message requests to AS4 Microservice, you need:
  • AS4 Microservice
  • Sterling Secure Proxy
  • Load Balancer
  • Firewall
Tip: To ensure that your communications remain secure with the most updated transfer protocols, ensure that you use the current release of Sterling Secure Proxy.

Sterling Secure Proxy connects to AS4 Microservice through an HTTP or HTTPS Reverse Proxy Configuration. For more information about creating and defining an HTTP Netmap in Sterling Secure Proxy, see HTTP Reverse Proxy configuration in the IBM Sterling Secure Proxy V3.4.2 Knowledge Center.

For a high availability deployment, you can install more than one node of Sterling Secure Proxy. Ensure that you configure the adapters of each Sterling Secure Proxy node to redirect to AS4 Microservice. In the following example, two Sterling Secure Proxy nodes redirect requests to two AS4 Microservice nodes.

A diagram of an example high availability deployment with multiple nodes
Tip: To handle the high volume of messaging requests from your trading partners, you can use a load balancer for a high availability deployment model. A load balancer equally distributes requests across the multiple Sterling Secure Proxy nodes so that requests do not flood the system.

Handling Certificates

You can use Sterling Secure Proxy for requests with or without a certificate handshake. For message transactions without certificates, no further configuration is necessary. However, in a transaction where a certificate handshake is required, the system can do a handshake either through Sterling Secure Proxy or through AS4 Microservice.

  • A certificate handshake through Sterling Secure Proxy requires that the trading partner's certificate is added to Sterling Secure Proxy. For more information about configuring certificates in Sterling Secure Proxy, see About SSL/TLS Certificates in the IBM Sterling Secure Proxy V3.4.2 Knowledge Center.
  • A certificate handshake through AS4 Microservice requires that your trading partner's certificate is added to AS4 Microservice. For more information about adding a digital certificate, see Configuring digital certificates.