The Entire Operations GUI Client uses an RPC server. Some definitions for the RPC server can be made here.
This document covers the following topics:
To define the SSL trust store file
In the object workspace, select the
metanode.Open the context menu and select
.An RPC Defaults window similar to the example below opens:
Enter the name of the file that contains the valid SSL key. See also Usage of SSL TRUST_STORE.
Choose
.The SSL TRUST_STORE field definition is required if the RPC communication uses SSL.
If the RPC server and the EntireX Broker should communicate via SSL, an SSL parameter string has to be committed during the startup of the EntireX Broker. This string is located within the SSL TRUST_STORE and contains a valid SSL key. For this purpose, the module Entire Operations SSL1P is executed during the startup of the RPC server.
The following description assumes that the EntireX Broker and the RPC server are installed in a UNIX environment.
For a general description of Natural RPC server with SSL, refer to the section Using Secure Socket Layer in the Natural RPC (Remote Procedure Call) documentation.
You must define SSL certificates, e.g. with openssl. Refer to the section SSL or TLS and Certificates with EntireX in the webMethods EntireX documentation.
Invoke the RPC Defaults, and define the SSL TRUST_STORE file.
The Natural profile parameter SRVNODE
(on
mainframes, the keyword subparameter SRVNODE
of the profile
parameter RPC
) must contain the string
:SSL
, or it must start with //SSL:
During the startup of the Entire Operations GUI Client RPC server, the Entire Operations module NOPSSL1P must be executed. This module creates and sets the SSL parameter string.
Example for an Entire Operations GUI Client server startup in a shell script:
natural parm=nopparm mainpr=10 \ server=on trace=0 \ srvname=NOP51S11 "srvnode=pcsn2:1958:SSL" \ "stack=(logon syseor;nopsls-p;nopssl1p" \ >/dev/null /null &
In Entire Operations GUI Client, make sure that the EntireX Broker service is invoked correctly. Nothing else special is to be done to use SSL communication.
To make sure that the correct Natural steplibs are being set in the RPC server, it is recommended to invoke the Natural mode NOPSLS-P during RPC server startup.
Note:
For further information, refer to
Natural
Steplibs in the Installation and
Setup documentation.
If Natural Security is installed on the server and server library SYSSAT is protected, the Entire Operations GUI Client user has to be linked to library SYSSAT or he has to be a member of a group which possesses a link to SYSSAT.