Configuring a Node.js application to access an integration service by using SSL
Before you begin
- Define your public key infrastructure (PKI).
- Configure the integration service to use SSL.
About this task
- Depending on your configuration requirements, add the following
- Specifies the name of your integration service.
- Specifies the path to the CA certificate.
- Specifies the path to the client key (the private key for your Node.js client).
- Specifies the path to the client certificate (the public key certificate for your Node.js client).
- Specifies the password for the client certificate.
Condition Add the following lines of code before you call the integration service Comments All HTTPS configurations.
IBMIntegration.service_name.IBMContext.protocol = "https";
The Node.js client must not check the credentials that are sent by the server.
IBMIntegration.service_name.IBMContext.rejectUnauthorized = false;
This line is also needed if a server provides a self-signed certificate or a CA-signed server certificate where the common name of the certificate does not match the domain name or host name of the server. The Node.js client must validate the CA-signed certificate that is sent by the server.
IBMIntegration.service_name.IBMContext.rejectUnauthorized = true;
IBMIntegration.service_name.IBMContext.cacert = "ca_cert";
The Node.js client validates the CA-signed certificate by checking the CA-signed certificate against the public certificate of the CA. The server is configured to require client authentication.
IBMIntegration.service_name.IBMContext.key = "client_key";
IBMIntegration.service_name.IBMContext.cert = "client_cert";
The client certificate uses a password.
IBMIntegration.service_name.IBMContext.certpass = "client_cert_password";For example, you might set the following properties in a Node.js client application that is using a CA-signed server certificate and a CA-signed client certificate with a password, to call an integration service named
TestService1, where the certificates and key are stored in the Windows folder C:\certs.
IBMIntegration.TestService1.IBMContext.protocol = "https"; IBMIntegration.TestService1.IBMContext.rejectUnauthorized = true; IBMIntegration.TestService1.IBMContext.cacert = "C:\\certs\\ca.crt"; IBMIntegration.TestService1.IBMContext.key = "C:\\certs\\client.key"; IBMIntegration.TestService1.IBMContext.cert = "C:\\certs\\client.crt"; IBMIntegration.TestService1.IBMContext.certpass = "secret";
- Change the port number that is associated with your integration service to the HTTPS
port. The default HTTPS port is 7083 for the integration node listener and 7843 for the embedded listener.For example:
IBMIntegration.TestService1.IBMContext.hostname = "localhost"; IBMIntegration.TestService1.IBMContext.port = 7843;
You have configured the Node.js client application to access the integration service by using SSL.