The Entire Operations GUI Client uses an RPC server. Some definitions for the RPC server can be made here.
This document covers the following topics:
To define the SSL trust store file
In the object workspace, select the metanode.
Open the context menu and select .
An RPC Defaults window similar to the example below opens:
Enter the name of the file that contains the valid SSL key. See also Usage of SSL TRUST_STORE.
Choose .
The SSL TRUST_STORE field definition is required if the RPC communication uses SSL.
If the RPC server and the EntireX Broker should communicate via SSL, an SSL parameter string has to be committed during the startup of the EntireX Broker. This string is located within the SSL TRUST_STORE and contains a valid SSL key. For this purpose, the Natural program NOPSSL1P in the library SYSEOR is executed during the startup of the RPC server.
The following description assumes that the EntireX Broker and the RPC server are installed in a UNIX environment.
For a general description of the Natural RPC server with SSL, refer to the section Using Secure Socket Layer in the Natural RPC (Remote Procedure Call) documentation.
You must define SSL certificates, e.g., with openssl. Refer to the section SSL or TLS and Certificates with EntireX in the webMethods EntireX documentation.
Invoke the RPC Defaults, and define the SSL TRUST_STORE file.
The Natural profile parameter SRVNODE
(on mainframes, the keyword subparameter SRVNODE of the profile
parameter RPC) must contain the string
:SSL, or it must start with //SSL:
During the startup of the Entire Operations GUI Client RPC server, the Natural program NOPSSL1P must be executed. This module creates and sets the SSL parameter string.
Example for an Entire Operations GUI Client server startup in a shell script:
natural parm=nopparm mainpr=10 \ server=on trace=0 \ srvname=NOP51S11 "srvnode=pcsn2:1958:SSL" \ "stack=(logon syseor;nopsls-p;nopssl1p" \ >/dev/null /null &
In Entire Operations GUI Client, make sure that the EntireX Broker service is invoked correctly. Nothing else special is to be done to use SSL communication.
To make sure that the correct Natural steplibs are being set in the RPC server, it is recommended to execute the Natural program NOPSLS-P during RPC server startup.
If Natural Security is installed on the server and server library SYSSAT is protected, the Entire Operations GUI Client user has to be linked to the library SYSSAT or he has to be a member of a group which possesses a link to SYSSAT.