IBM FileNet P8, Version 5.2.1            

Configuring SSL for server communication

Content Platform Engine sends web requests to another Content Platform Engine to store and retrieve content. This communication can occur on both secure and nonsecure channels. You can configure the servers to communicate over a secure connection by using the Secure Sockets Layer (SSL) protocol.

About this task

During Content Platform Engine to Content Platform Engine communication, one server acts as an SSL server, and one acts as the SSL client. As an SSL server, Content Platform Engine provides its identity in the form of a digital certificate to the other server. The Content Platform Engine that is acting as the SSL client uses the certificate data to confirm that it is communicating with the actual Content Platform Engine server. For certificate-authority-issued certificates, the data that is embedded in a digital certificate is verified by a certificate authority and digitally signed with the certificate authority's digital certificate. For self-signed certificates, the creator of the certificate deploys that certificate to their own server and takes on that responsibility.

The digital certificate of many well-known certificate authorities such as Verisign and Entrust are typically included in the default trust store of the Java™ virtual machine used by the application server that hosts Content Platform Engine. If you are using certificate-authority-issued digital certificates on your Content Platform Engine servers, you might not need to configure the Content Platform Engine server that acts as the SSL client. If the certificate is not already in the trust store of this server, you must add the certificate before it connects to the Content Platform Engine that is acting as the SSL server.

Important: You must configure each server that participates in Content Platform Engine to Content Platform Engine communication as both an SSL server and an SSL client by using the procedures in this section.


Last updated: October 2015
p8pcc359.htm

© Copyright IBM Corporation 2015.