Setting up SSL for ODWEK

The support of SSL for ODWEK refers specifically to the transfer of data between ODWEK and the Content Manager OnDemand server(s) and does not imply a level of support from the browser to ODWEK. Using SSL from the browser to ODWEK has always been allowed and does not require any support from ODWEK. It is the application or web developer’s responsibility to enable such support.

You must complete the following configuration steps to enable SSL with ODWEK:
  1. Confirm that you have completed the steps described in the following topics:
  2. Create a key database and add the signer certificate into the client key database. See steps 2 through 4 in Setting up SSL for the Windows clients.
  3. There are three SSL-specific values that must be passed to ODWEK. This can be accomplished using a java.util.Properties object which is passed to the ODConfig constructor. The SSL values can be specified as follows:
    Properties cfgProps = new Properties();
    cfgProps.setProperty(ODConfig.USE_SSL_DEFAULT, "TRUE");
    cfgProps.setProperty(ODConfig.SSL_KEYRINGFILE, "/opt/ssl/ondemand.kdb");
    cfgProps.setProperty(ODConfig.SSL_KEYRINGSTASH, "/opt/ssl/ondemand.sth");

    The Properties object is then passed to the ODConfig constructor for those values to be picked up.

    As an alternative, the ODServer.setSSL function could be called prior to logon. For example:
    odserver.setSSL(true, "/opt/ssl/ondemand.kdb", "/opt/ssl/ondemand.sth");
  4. Specify the SSL port number defined on the Content Manager OnDemand server. ODWEK will then use the ondemand.kdb and ondemand.sth files to manage and validate any certificate that is received from the Content Manager OnDemand server.
    odServer.setPort(14450); // SSL port that the server has been configured to use for SSL communication
    odServer.logon( “odserver.mycompany.com”, “admin”, “secret” );