CentraSite 10.11 | CentraSite Administrator’s Guide | Configuring CentraSite | Configuring Secure Communication Between Components | Securing Communication Between the CRR and the CAST
 
Securing Communication Between the CRR and the CAST
 
Obtaining Security Configuration of CentraSite Registry Repository
Setting Security Configuration for CentraSite Registry Repository
Obtaining Security Configuration of CentraSite Application Server Tier
Setting Security Configuration for CentraSite Application Server Tier Components
CAST Stores
Identifying the Communication Method Between CAST and CRR
Allowing HTTP Communication Between CAST and CRR
The communication between the CRR and the CAST components takes place using the 2-way SSL authentication. For this full client/server SSL communication, the client and server must accept each other's certificates. This means that the CAST and CRR stores need to have matching certificates for the communication to work.
The CAST components have access to an SSL context to establish an SSL (HTTPS) connection to the CRR. The SSL authentication establishes a trusted relationship between the CentraSite Server on the CAST and the CRR. Therefore no user re-authentication needs to be performed by the CRR.
The CentraSite installation comes with self-signed certificates from Software AG.
You can configure a secure communication between the CRR and CAST. CentraSite provides a set of command line tools for this purpose.
Note:
Keep in mind that you must run the command tool on the machine hosting a CAST or CRR environment.
You can disable the SSL communication between the CRR and the CAST components. However, Software AG strongly recommends you not to do this, because it opens a potential security risk.