Overview of SSL

Secure Sockets Layer (SSL) is a protocol that uses public and private keys to secure communication between parties. When an SSL connection is requested, the initiator (or client) and responder (or server) perform a handshake in which digital identities, or certificates, are exchanged so that each party can confirm that the other is who it expects. SSL can also be used to specify an encryption algorithm for the data that is exchanged between the parties.

ActiveMatrix BusinessWorks can act as an initiator or a responder in an SSL connection. Several types of connections can optionally use SSL, such as:

  • FTP Connection

  • HTTP Connection

  • JMS Connection

  • Rendezvous Transport

In addition, the following activities can also specify SSL connections:

  • ActiveEnterprise Adapter activities using JMS or RV transports

  • Send HTTP Request

  • SOAP Request Reply

The name SSL has been replaced by Transport Layer Security (TLS), but SSL is used as a synonym for TLS in this document. For more general information about SSL, see the TLS specification at http://www.ietf.org/rfc/rfc2246.txt or view any of the online tutorials about SSL or TLS on the web.

ActiveMatrix BusinessWorks uses digital certificates to validate the identity of parties in an SSL connection. ActiveMatrix BusinessWorks requires both initiators (clients) and responders (servers) to present certificates during the SSL handshake. Typically, only the server is required to present its certificate to the client for verification, but ActiveMatrix BusinessWorks enforces a bilateral model where both client and server must present certificates.

ActiveMatrix BusinessWorks uses the Identity resource to configure the identity of activities that act as initiators (clients) or responders (servers) in an SSL connection. The Identity resource stores the certificate of the activity (initiator or responder) and the location of the folder in the project that contains the trusted certificates of other parties that can participate in an SSL connection.
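The bilateral model and the certificate-plus-trusted-folder pairing described above can be reproduced outside the product. The following is an added example, not ActiveMatrix BusinessWorks code or configuration: it uses Python's `ssl` module and assumes the `openssl` command-line tool is on the PATH. All function names, folder names, and certificates are constructed for illustration.

```python
import glob, os, shutil, ssl, subprocess, tempfile

def make_identity(folder, name):
    """Constructed self-signed certificate and key, made with the openssl CLI."""
    crt, key = (os.path.join(folder, name + ext) for ext in (".pem", ".key"))
    subprocess.run(["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes", "-days", "1",
                    "-subj", "/CN=" + name, "-keyout", key, "-out", crt],
                   check=True, capture_output=True)
    return crt, key

def party(server_side, identity, trusted_folder):
    """One party: its own certificate plus a folder of trusted peer certificates."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER if server_side else ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False           # constructed certificates carry no host names
    ctx.verify_mode = ssl.CERT_REQUIRED  # bilateral: the peer must present a certificate
    if identity:
        ctx.load_cert_chain(*identity)
    for pem in glob.glob(os.path.join(trusted_folder, "*.pem")):
        ctx.load_verify_locations(cafile=pem)
    return ctx

def handshake(server_ctx, client_ctx):
    """Run the handshake in memory; True only if both sides accept each other."""
    s_in, s_out, c_in, c_out = (ssl.MemoryBIO() for _ in range(4))
    srv = server_ctx.wrap_bio(s_in, s_out, server_side=True)
    cli = client_ctx.wrap_bio(c_in, c_out, server_side=False)
    for _ in range(10):
        done = 0
        for side, out, peer_in in ((cli, c_out, s_in), (srv, s_out, c_in)):
            try:
                side.do_handshake()
                done += 1
            except ssl.SSLWantReadError:
                pass                     # this side is waiting for the peer's next flight
            except ssl.SSLError:
                return False             # certificate missing or not trusted
            peer_in.write(out.read())
        if done == 2:
            return True
    return False

def demo():
    with tempfile.TemporaryDirectory() as d:
        ids = {n: make_identity(d, n) for n in ("server", "client", "stranger")}
        for folder, trusted in (("srv_trust", "client"), ("cli_trust", "server")):
            os.mkdir(os.path.join(d, folder))
            shutil.copy(ids[trusted][0], os.path.join(d, folder))
        server = party(True, ids["server"], os.path.join(d, "srv_trust"))
        cases = {"both present": ids["client"], "no client cert": None, "untrusted client": ids["stranger"]}
        return {k: handshake(server, party(False, v, os.path.join(d, "cli_trust"))) for k, v in cases.items()}
```
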

This section describes Identity resources, trusted certificates, and SSL configuration for each activity.