Routing and SSL

When configuring a route, you can specify SSL parameters for the connection. Although both participants in an SSL connection must specify a similar set of parameters, each server specifies this information in a different place.

• The passive server must specify SSL parameters in its main configuration file, tibemsd.conf.
• When a server initiates an SSL connection, it sends the route’s SSL parameters to identify and authenticate itself to the passive server. You can specify these parameters when creating the route, or you can specify them in the route configuration file, routes.conf.

You can configure the server to require a digital certificate only for SSL connections coming from routes, while not requiring such a certificate for SSL connections coming from clients or from its fault-tolerant peer.

For more information, see ssl_require_route_cert_only.

Copyright © Cloud Software Group, Inc. All rights reserved.