webMethods 10.2 | Integration Server Administrator's Guide | Configuring webMethods Enterprise Gateway | Frequently Asked Questions about Enterprise Gateway
 
Frequently Asked Questions about Enterprise Gateway
This section provides answers to some frequently asked questions about Enterprise Gateway.
*If I define the Enterprise Gateway external port to use HTTPS, do I need to define the Enterprise Gateway registration port to be an HTTPS port too?
No. The external port and the registration port operate independently.
*How many connections should I register between Enterprise Gateway Server and the Internal Server?
That depends on the expected load and the size of the transactions. A connection between Enterprise Gateway Server and the Internal Server is available except when a request is being written to the Internal Server or a response is being returned from the Internal Server. In other words, Enterprise Gateway connection utilization is I/O bound. Therefore, if you expect large, simultaneous transactions, increase the number of registered connections accordingly.
If the Internal Server runs out of registration connections, it will issue the following error message:

number requests waiting for a registration connection.
Each connection consumes a thread, either from the Internal Server’s common thread pool or from the internal listener’s private thread pool, if one is defined. The consumed thread can only be used to process requests from Enterprise Gateway Server.
If you have defined a private thread pool for the internal registration listener, the number of connections you can specify in the Max Connections box is limited to the maximum number of threads allowed in the private thread pool for this listener.
If you have multiple internal registration listeners, each with its own private thread pool, the same rule applies for each internal registration listener.
If you have not defined a private thread pool for an internal registration listener, a reasonable limit for the Max Connections box is 75% of the number of server threads specified in Server Thread Pool Max Threads box on the Settings > Resources page. If you have multiple internal registration listeners and none of them have private thread pools, the sum of all connections specified in the Max Connections boxes for these listeners should not exceed 75% of the number of server threads specified in Server Thread Pool Max Threads.
A thread will remain open unless it is closed by a firewall, a network glitch, or an exception.
*Is there persistence with Enterprise Gateway Server?
No. Enterprise Gateway Server is just a network hop for the incoming request.
*I want to authenticate the SSL credentials of external clients. Where do I set up certificates?
The following table shows where to set up certificates for the default Enterprise Gateway configuration, in which the Internal Server performs client authentication. If you want to perform client authentication on Enterprise Gateway Server as well, see Performing Client Authentication on Enterprise Gateway Server .
Enterprise Gateway Server
Internal Server
Enterprise Gateway External Port
*Set up a keystore that contains the server certificate and private key for Enterprise Gateway Server.
*Set up a truststore that contains the certificates of certificate authorities trusted by Enterprise Gateway Server.
Enterprise Gateway Server will make sure that certificates sent by external clients are signed by CAs in this truststore.
This truststore must be the same as the truststore on the Internal Server.
*Set up a truststore that contains the certificates of certificate authorities trusted by the Internal Server.
The Internal Server will make sure that certificates sent by external clients (through Enterprise Gateway Server) are signed by CAs in this truststore.
This truststore must be the same as the truststore for the Enterprise Gateway external port.
*(Optional) Import public certificates of external users and map them to users on Enterprise Gateway Server.
Do this only if you want to perform client authentication on Enterprise Gateway Server in addition to the Internal Server.
If you choose to perform client authentication on both Enterprise Gateway Server and the Internal Server, make sure the certificate mappings are the same on both servers.
*Import public certificates of external users and map them to users on the Internal Server.
If you choose to perform client authentication on both Enterprise Gateway Server and the Internal Server, make sure the certificate mappings are the same on both servers.
Enterprise Gateway Registration Port (HTTPS)
*Import the Internal Server’s public certificate and map it to a user that has administrator privileges.
*Set up a keystore that contains the Internal Server’s certificate and private key.
*Make sure the Internal Server’s CA certificate is present in the truststore of the registration port
*Make sure the registration port’s CA certificate is present in the Internal Server’s truststore.
*Can I use Enterprise Gateway Server as my outbound proxy server as well?
No. The only requests that go through Enterprise Gateway Server are inbound requests from the external client destined for the Internal Server and responses to those requests from the Internal Server back to the external client. Any unsolicited requests from the Internal Server go directly to the external client.
*What authentication mode should I use for Enterprise Gateway Server and the Internal Server?
Authentication mode is the method a server uses to authenticate client requests. In a default Enterprise Gateway configuration, Enterprise Gateway Server receives authentication information from the external client and passes it to the Internal Server, which performs the authentication.
Be sure to specify the same authentication mode for the Internal Server and for the Enterprise Gateway external port. For example, if the Internal Server’s authentication mode is Required, the external port must also be Required so that Enterprise Gateway Server always passes the external client’s certificate to the Internal Server.
In contrast, the authentication mode of the Enterprise Gateway registration port does not need to match the authentication mode of the Internal Server or the Enterprise Gateway external port.
If you want to perform client authentication on Enterprise Gateway Server, see Performing Client Authentication on Enterprise Gateway Server .
*Does Enterprise Gateway support the FTP protocol?
No, support is limited to HTTP and HTTPS only.
*Are the SOCK and SSLSOCK protocols supported?
No, these were proprietary protocols used in older releases. Starting with the 7.1 release, SOCK and SSLSOCK have been replaced by HTTP and HTTPS.
*Is it possible to filter requests on Enterprise Gateway Server?
Yes. You can use Enterprise Gateway rules to filter requests based on a number of factors, including request size, request type, and the name of resource being invoked.

Copyright © 2017-2018 | Software AG, Darmstadt, Germany and/or Software AG USA, Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors.
Innovation Release