Version 6.3.13 for UNIX
 —  Natural Web I/O Interface  —

Configuring SSL

This document covers following topics:


General Information

Trust files are used for a secure connection between the Natural Web I/O Interface server and the Natural Web I/O Interface client. Server authentication cannot be switched off. A trust file is always required.

A trust file contains the certificates that you trust. These can be certificates of a CA (Certificate Authority) such as VeriSign, or self-signed certificates.

For information on the steps that are required on the Natural Web I/O Interface server and how to generate a self-signed certificate which needs to be imported to the client, see SSL Support.

To establish a secure connection, you have to proceed as described in the topics below.

Top of page

Creating Your Own Trust File

To create your own trust file, you can use, for example, Sun's keytool utility which can be found in the bin directory of the Java Runtime Environment (JRE). Here are some helpful examples:

When you modify the trust file or its password, you have to restart the application server so that your modification takes effect.

Top of page

Defining SSL Usage in the Configuration File

Invoke the configuration tool and proceed as follows:

  1. In the global settings for all defined sessions, define the SSL trust file path and, if required, the SSL trust file password . See also Global Settings in Using the Configuration Tool.

    With the server authentication, the Natural Web I/O Interface client checks whether the certificate of the Natural Web I/O Interface server is known. If it is not known, the connection is rejected.

    When a trust file is not defined in the configuration tool, the Natural Web I/O Interface client tries to read the file calist from the lib/security directory of the Java Runtime Environment (JRE). The default password for this file is "changeit".

  2. Define a session and set the session option Use SSL to Yes. See also Overview of Session Options in Using the Configuration Tool.

Top of page