Configuring SSL

The plug-in supports using Secure Sockets Layer (SSL) to secure the data exchange between the plug-in and an LDAP server.

TIBCO ActiveMatrix BusinessWorks provides a Keystore Provider resource to get access to a keystore. A keystore is a mechanism designed to create and manage private keys/digital certificate pairs and trusted Certificate Authority (CA) signed certificates.

A Keystore Provider resource can either be used as a trust store, or an identity store depending on the certificate that the keystore stores:
  • A trust store contains the CA signed certificate.

    The plug-in uses the provided trust store to verify the identity of the LDAP server.

  • An identity store contains the private key/digital certificate pairs.

    The LDAP server uses the provided identity store to verify the identity of the client.

In a design-time connection, the plug-in accesses a trust store to authenticate the connected LDAP server, or accesses an identity store to pass the client information to the connected LDAP server.

Complete the following tasks to use SSL to secure the data exchange:
  1. Configuring SSL on LDAP Servers
  2. Converting Certificates
  3. Creating a Keystore Provider Resource
  4. Configuring SSL in the Plug-in