Software AG Products 10.5 | Administering Integration Server | Configuring Integration Server for Secure Communication | Roadmap for Configuring SSL
 
Roadmap for Configuring SSL
 
Creating Integration Server Keys and Certificates
Creating a Keystore and Truststore
Obtaining the Certificates and Keys of the Partner Application
Configuring an HTTPS or FTPS Port
The following table provides a high-level roadmap for configuring SSL on Integration Server.
Task
Activities
Notes
Create Integration Server keys and certificates
*Generate a public key/private key pair.
*Generate a certificate signing request (CSR) and send to the certificate authority (CA) for signing.
*Receive validated certificate from the CA.
*Import signed certificate into a keystore.
Required for one-way and two-way SSL connections.
Refer to the documentation for Java keytool or your certificate management tool.
Create keystore and truststore for Integration Server
*Create a keystore and import the signed certificate and private key.
*Create a truststore and import the certificate of the signing CA.
*Store the keystore and truststore in a secure IS certificates directory.
*Create aliases for the keystore and truststore.
Important:
If you use Oracle keytool to create the keystore, you cannot import an existing private key. You can use other tools such as OpenSSL or Portecle.
Required for one-way and two-way SSL connections.
Refer to the following:
*The documentation for your certificate management tool
Obtain certificates of partner application or resource
- and -
Create certificate mapping
Use the Integration Server Administrator to save the following:
*Signed certificate of the partner application.
*Signed certificate of the CA for the partner's SSL certificate.
Required for two-way SSL connections.
Refer to the following:
Add an HTTPS or FTPS port (if none are defined)
If you want to allow only secure connections to the server:
*Ensure that the primary port uses an HTTPS port.
*Delete all other non-HTTPS ports.
Add additional HTTPS or FTPS ports as required.
Required for one-way and two-way SSL connections.