Securing client/server and server-server communications with SSL

The main steps in securing client/server and server-server communications with SSL are:

  1. Obtain and install the SSL certificate and keys.
  2. Enable and configure SSL in the server administration application (IBM® SPSS® Deployment Manager).
  3. If using encryption certificates with a strength greater than 2048 bits, install unlimited strength encryption on the client computers.
  4. If using a self-signed certificate, copy the certificate on the client computer.
  5. Instruct users to enable SSL when connecting to the server.
Notes:
  • Occasionally a server product acts as a client. An example is IBM SPSS Statistics Server connecting to the IBM SPSS Collaboration and Deployment Services Repository. In this case, IBM SPSS Statistics Server is the client.
  • On Linux/UNIX systems where both a non-root and SSL configuration are enabled, SSL security will be reduced. Because all user sessions run under the same credential as each other and as the Modeler Server daemon, the SSL certificate data that should to be kept secret will instead be exposed to all users. This allows users to easily bypass the normal protections SSL provides to all other users. See Introduction.