SSL security
Secure Sockets Layer (SSL) certificates enable secure, encrypted communication between the operational server software and clients.
An SSL certificate contains a public key that is used to encrypt information and is paired with a private key that is used to decipher the encrypted information. A virtual “handshake” authenticates the server to the client and synchronizes the encryption methods and keys that are used to transmit information. Security is further enhanced by session renegotiation, which ensures that the same encryption key is not reused for the lifetime of a persisted connection.
All InfoSphere® MDM client applications support SSL communication.
- Microsoft Windows:
  SET "MAD_CONNSTR=https|localhost|9443|en"
- Linux® or UNIX:
  export MAD_CONNSTR="https|localhost|9443|en"
Ensure that the server certificate is available for verification on the client side. By contrast, the JRE includes a list of recognized Certificate Authority (CA) certificates in the cacerts file.
| Variable and description | Value set at instance creation and guidelines |
|---|---|
| SERVER_CERT - This is the file containing the CA certificate. | No value is set by default. To enable SSL, import a certificate to the server and specify it here. Ensure that the certificate is signed by a trusted certificate authority. Certificate data is stored in .pem files. |
| KEY_FILE - This is the certificate chain file containing the client certificate and the private key. | No value is set by default. Import a private key certificate and specify it here. As with SERVER_CERT, the data is stored in a .pem file. |
| SSL_PASSPHRASE - This is the passphrase used to encrypt the private key file. | No value is set by default, and the value is commented out within the axis2c.xml file. |
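
A preflight check for the client-side settings described above, added here as an example and not taken from InfoSphere MDM or its documentation. The function names are hypothetical, the scheme|host|port|language reading of MAD_CONNSTR is an assumption based on the sample value, and the PEM stubs are constructed placeholders with no real key material.

```python
import os
import re
import stat
import tempfile

PEM_BEGIN = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----")

def pem_labels(path):
    """Return (labels, text): the PEM block labels in the file and its raw text."""
    with open(path) as fh:
        text = fh.read()
    return PEM_BEGIN.findall(text), text

def check_client_tls(connstr, server_cert, key_file, passphrase_set):
    """Return a list of findings; an empty list means the preflight passed."""
    findings = []
    # Assumption: fields are scheme|host|port|language, read off the page's sample.
    parts = connstr.split("|")
    if len(parts) != 4 or parts[0].lower() != "https":
        findings.append("MAD_CONNSTR does not select https")
    if "CERTIFICATE" not in pem_labels(server_cert)[0]:
        findings.append("SERVER_CERT holds no CERTIFICATE block")
    labels, key_text = pem_labels(key_file)
    # PKCS#8 marks encryption in the label, legacy OpenSSL keys in a Proc-Type header.
    encrypted = "ENCRYPTED PRIVATE KEY" in labels or "Proc-Type: 4,ENCRYPTED" in key_text
    if "CERTIFICATE" not in labels:
        findings.append("KEY_FILE holds no client certificate")
    if not any(label.endswith("PRIVATE KEY") for label in labels):
        findings.append("KEY_FILE holds no private key")
    elif encrypted and not passphrase_set:
        findings.append("private key is encrypted but SSL_PASSPHRASE is unset")
    # The key file should be readable by its owner only.
    if stat.S_IMODE(os.stat(key_file).st_mode) & 0o077:
        findings.append("KEY_FILE is readable by group or others")
    return findings

def demo():
    """Run the check on constructed PEM stubs (labels only, no real key material)."""
    cert = "-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n"
    key = "-----BEGIN ENCRYPTED PRIVATE KEY-----\nAAAA\n-----END ENCRYPTED PRIVATE KEY-----\n"
    with tempfile.TemporaryDirectory() as d:
        ca, kf = os.path.join(d, "ca.pem"), os.path.join(d, "client.pem")
        for path, body in ((ca, cert), (kf, cert + key)):
            with open(path, "w") as fh:
                fh.write(body)
        os.chmod(kf, 0o644)
        return check_client_tls("https|localhost|9443|en", ca, kf, passphrase_set=False)

if __name__ == "__main__":
    print(demo())
```

The check reads only PEM labels and file modes; it does not validate the certificate chain or decrypt the key.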