Information Management IBM InfoSphere Master Data Management, Version 11.3

Enabling encryption for a REST service

To enable encryption when you use the application toolkit, you must enable SSL communications between the operational server and IBM® Business Process Manager, and configure the IBM WebSphere® Application Server.

Before you begin

You must set up the appropriate certificates in the IBM WebSphere Application Server that is used with IBM Business Process Manager.

About this task

To ensure that your flows are encrypted, you must set the appropriate parameters, attributes, and ports.

Procedure

  1. Set the usessl parameter to true in the MDM_Connection business object: You must also change the port parameter to the appropriate secure port number.
  2. Set the usessl attribute on the <server> element in the BPMConfig.XML file:
    1. Edit the BPMConfig.XML file.
    2. In the section for the MDM Tree adapter that you are using, locate the <server> element.
    3. Add the usessl attribute with a value of true to the <server> element. For example:
      <server usessl=true>
    4. Update the <port> element to the appropriate secure port number.
    5. Save the BPMConfig.xml file.

      If you have completed all of the necessary changes to the BPMConfig.xml file, save the updated XML file into the MDMAT_BPM_REST_EAR.ear file.

  3. Set the usessl input parameter in the Get MDM Entity integration service.
    1. You can explicitly set a value for the usessl parameter, such as true, or you can assign a variable to the input parameter. If you assign a variable to the input parameter, the variable must be a BOOLEAN type.
    2. Specify the secure port number for the IBM WebSphere Application Server that is used with InfoSphere® MDM. You specify the port number in the restPort variable.
    3. Save your changes.
  4. Configure the IBM WebSphere Application Servers where your processes are run to support the application toolkit encryption. You must import an appropriate signer certificate from the IBM WebSphere Application Server that is used with the InfoSphere MDM IBM WebSphere Application Server. Import the certificate into an appropriate trust store on any IBM WebSphere Application Server that you are running your processes on. This might include the IBM Business Process Manager Process Center, the Process Server, or both.

    For example, if your system configuration includes a Process Center to test your processes, a Process Server instance as a staging server, and another Process Server instance as a production server, you must import the certificate on all three of the IBM WebSphere Application Servers.

    You can use the IBM WebSphere Application Server administrative console to complete this step. Refer to the IBM WebSphere Application Server documentation on SSL certificate and key management.

Parent topic: REST API (version 11.0 and earlier)

Last updated: 27 June 2014