Transport Layer Security (SSL)
Secure Sockets Layer (SSL) allows web browsers and web servers (point-to-point) to communicate over a secure connection. SSL provides confidentiality because SSL responses are encrypted so that the data cannot be deciphered by third parties as it passes between the client and server on a network.
The following is an Inbound example with SSL:
1. The Web Service encrypts the message using the server’s public key. Because the message is encrypted, a third party cannot intercept it.
2. An SSL connection is opened and the encrypted message is sent.
3. The server’s private key is used to decrypt the message.
The iProcess Web Services Plug-in implements SSL security as follows:
• For Outbound calls, iProcess EAI steps call Web Services over SSL, using a truststore to obtain a server's public key. This truststore is the same as the SOAP/SSL Security keystore that you specified when you installed the iProcess Web Services Plug-in.
• For Inbound calls, an SSL server is used (see following dialog) to allow external web services to connect to iProcess securely.
The Inbound SSL settings are configured during the installation of the TIBCO iProcess Web Services Client and Server Plug-ins.
When you enable SSL encryption, the alias is automatically selected by Jetty. You must supply the password here, and the name of the keystore/keystore password (on the previous dialog in the installation sequence). There should only be one key in the keystore for SSL encryption, and the alias must be jetty.
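The keystore rule above (a single key, alias jetty) can be checked before installation. The following is an added example, not part of the TIBCO documentation or product: it parses the default output of the JDK `keytool -list` command. The function name, sample listings and keystore path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not TIBCO code): check `keytool -list` output against the
# rule "one key in the keystore, alias jetty". Only key entries are counted;
# trustedCertEntry lines are ignored. Assumes the alias contains no comma.

# Reads a keytool listing on stdin; returns 0 only if the rule holds.
check_jetty_keystore() {
    awk '
        # Entry lines look like: "<alias>, <date>, PrivateKeyEntry,"
        /, (PrivateKeyEntry|SecretKeyEntry),/ {
            keys++
            alias = $0
            sub(/,.*/, "", alias)          # keep text before the first comma
            if (alias == "jetty") jetty++
            else print "unexpected key alias: " alias
        }
        END {
            if (keys == 1 && jetty == 1) {
                print "OK: one key entry, alias jetty"
                exit 0
            }
            print "FAIL: " (keys + 0) " key entries, " (jetty + 0) " named jetty"
            exit 1
        }
    '
}

# Constructed listings (not from a real keystore) for an offline run.
GOOD_LISTING='Your keystore contains 1 entry

jetty, Mar 3, 2020, PrivateKeyEntry,
Certificate fingerprint (SHA-256): AA:BB:CC'
BAD_LISTING='Your keystore contains 2 entries

jetty, Mar 3, 2020, PrivateKeyEntry,
server, Mar 4, 2020, PrivateKeyEntry,'

printf '%s\n' "$GOOD_LISTING" | check_jetty_keystore
printf '%s\n' "$BAD_LISTING" | check_jetty_keystore || true

# Real use (keystore path is a placeholder; keytool prompts for the password):
#   keytool -list -keystore /path/to/keystore | check_jetty_keystore
```

Letting keytool prompt for the keystore password keeps it out of the shell history and the process list.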
For more information see TIBCO iProcess Web Services Server Plug-in Installation and TIBCO iProcess Web Services Client Plug-in Installation.
For manual configuration, see the "Configuring SSL Manually" section in TIBCO iProcess Web Services Server Plug-in Installation.