RPC Server Defaults

The Entire Operations GUI Client uses an RPC server. Some definitions for the RPC server can be made here.

This document covers the following topics:


Defining RPC Server Defaults for SSL Communication

Start of instruction setTo define the SSL trust store file

  1. From the System Services Menu, select RPC Server Defaults.

    An RPC Server Defaults screen similar to the example below appears:

      
    
      05.11.08               ***** Entire Operations *****                  16:15:38
                                 RPC Server Defaults  
      ------------------------------------------------------------------------------
     
    
      SSL TRUST_STORE   
      /test/ogc-test/keyfile.pem____________________________________________________
      (required if RPC communication shall use SSL)   
      
    
      
    
      Command =>   
     Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12---
      Help   End Save
  2. Enter the name of the file that contains the valid SSL key. See also Usage of SSL TRUST_STORE.

  3. Press PF2 (Save) to save the entry.

Usage of SSL TRUST_STORE

The SSL TRUST_STORE field definition is required if the RPC communication uses SSL.

If the RPC server and the EntireX Broker should communicate via SSL, an SSL parameter string has to be committed during the startup of the EntireX Broker. This string is located within the SSL TRUST_STORE and contains a valid SSL key. For this purpose, the module Entire Operations SSL1P is executed during the startup of the RPC server.

The following description assumes that the EntireX Broker and the RPC server are installed in a UNIX environment.

  • For a general description of Natural RPC server with SSL, refer to the section Using Secure Socket Layer in the Natural RPC (Remote Procedure Call) documentation.

  • You must define SSL certificates, e.g. with openssl. Refer to the section SSL or TLS and Certificates with EntireX in the webMethods EntireX documentation.

  • Invoke the RPC Server Defaults, and define the SSL TRUST_STORE file.

  • The Natural profile parameter SRVNODE (on mainframes, the keyword subparameter SRVNODE of the profile parameter RPC ) must contain the string :SSL, or it must start with //SSL:

  • During the startup of the Entire Operations GUI Client RPC server, the Entire Operations module NOPSSL1P must be executed. This module creates and sets the SSL parameter string.

    Example for an Entire Operations GUI Client server startup in a shell script:

    natural parm=nopparm mainpr=10 \
    server=on trace=0 \
    srvname=NOP51S11 "srvnode=pcsn2:1958:SSL" \
    "stack=(logon syseor;nopsls-p;nopssl1p" \
    >/dev/null /null &
  • In Entire Operations GUI Client, make sure that the EntireX Broker service is invoked correctly. Nothing else special is to be done to use SSL communication.

Further RPC Server Considerations

To make sure that the correct Natural steplibs are being set in the RPC server, it is recommended to invoke the Natural mode NOPSLS-P during RPC server startup.

Note:
For further information, refer to Natural Steplibs in the Installation and Setup documentation.

If Natural Security is installed on the server and server library SYSSAT is protected, the Entire Operations GUI Client user has to be linked to library SYSSAT or he has to be a member of a group which possesses a link to SYSSAT.