Broker 10.5 | webMethods Broker Documentation | webMethods Broker Client C API Programmer's Guide | Configuring Broker Client Security | Working with Secure Socket Layer (SSL) | Enabling SSL Authentication and Encryption
 
Enabling SSL Authentication and Encryption
 
Server Authentication with Encryption
Server Authentication without Encryption
Server and Client-side Authentication with Encryption
Server and Client Authentication without Encryption
To enable the use of SSL by your Broker client, your application needs access to a certificate file, the password for that file, and a truststore file. You use this information with the awSetDescriptorSSLCertificate method to enable SSL security, prior to creating or reconnecting a Broker client.
When a BrokerConnectionDescriptor is created, the certificate file will be set to NULL by default. Therefore, you must use the awSetDescriptorSSLCertificate function before creating or reconnecting a Broker client if you want to enable SSL security.
The awSetDescriptorSSLEncrypted method allows you to control whether or not data traffic will be encrypted when SSL is enabled. When a BrokerConnectionDescriptor is created, the encrypt flag will be set to 1 (true) by default. Therefore, you must use the awSetDescriptorSSLEncrypted function before creating or reconnecting a Broker client if you wish to disable data encryption.
With these two functions, you have several options for configuring SSL:
1. Disable SSL entirely (the default).
2. Enable server only authentication with encryption of data traffic.
3. Enable server only authentication without encryption.
4. Enable both server and client authentication with encryption.
5. Enable both server and client authentication without encryption.