Securing Communication Between the CRR and the CAST

CentraSite 10.3 | CentraSite Administrator’s Guide | Configuring CentraSite | Configuring Secure Communication Between Components | Securing Communication Between the CRR and the CAST

Setting Security Configuration for CentraSite Registry Repository

Setting Security Configuration for CentraSite Application Server Tier Components

Obtaining Security Configuration of CentraSite Registry Repository

Obtaining Security Configuration of CentraSite Application Server Tier

CAST Stores

Identifying the Communication Method Between CAST and CRR

Allowing HTTP Communication Between CAST and CRR

The communication between the CRR and the CAST components takes place using the 2-way SSL authentication. For this full client/server SSL communication, the client and server must accept each other's certificates. This means that the CAST and CRR stores need to have matching certificates for the communication to work.

The CAST components have access to an SSL context to establish an SSL (HTTPS) connection to the CRR. The SSL authentication establishes a trusted relationship between the CentraSite Server on the CAST and the CRR. Therefore no user re-authentication needs to be performed by the CRR.

The CentraSite installation comes with self-signed certificates from Software AG.

You can configure a secure communication between the CRR and CAST. CentraSite provides a set of command line tools for this purpose.

Note:
Keep in mind that you must run the command tool on the machine hosting an CAST or CRR environment.

You can disable the SSL communication between the CRR and the CAST components. However, Software AG strongly recommends you not to do this, because it opens a potential security risk.