📄️ Purpose of server certificates
USoft web applications support the use of Server certificates. Server Certificates are designed to protect you and visitors to your site. Server certificates allow you to:
📄️ How server certificates work
Server certificates take advantage of TLS to work seamlessly between your web site and your visitors' web browsers. This is how the process works:
📄️ How to configure a web server for SSL
To configure your web site for an TLS connection there are three main steps:
📄️ Self-signed certificates and OpenSSL
In some circumstances, a self-signed certificate can be used in place of a certificate that has been verified by a Certificate Issuer. This could be the case in a connection that is required to be encrypted, but that will never be accessed by a browser. A direct connection via JDBC or ODBC could be an example of this. As the self-signed certificate will not be accessed by a browser, error messages warning that the certificate is not verified will not be displayed. The connection however will make use of (Transport Layer Security) which is based upon SSL (Secure Sockets Layer) technology and encrypt data because a signed certificate exists, even though it was not signed by an official Certificate Issuer.
📄️ SSL Step 1: Download and install OpenSSL
To download and install OpenSSL:
📄️ SSL Step 2: Create a private key
For this example, we are going to create a private key called usoftca.key. Note that in this version, if you make your own key you must also use this file name:
📄️ SSL Step 3: Create a master certificate based on private key
In this step we will create a master certificate based on the private key that was created in Step 2.
📄️ SSL Step 4: Create public key and certificate signing request
In this step we will create a certificate signing request. This is the file (in this case usoft.com.csr) that is used to send to the Certification Authority to request confirmation of your identity. All Certification Authorities will ask for this file when applying for a certificate. You can also use this file to self-sign a certificate.
📄️ SSL Step 5: Self-sign the certificate
We are now going to self-sign the certificate. If you need a Certification Authority-signed certificate, you will have to send the certificate signing request file (usoft.com.csr) to the CA. They will then sign the resulting certificate (usoft.com.crt) and claim your identity over the internet. Before you can use this new certificate, you must also request and install a CA root certificate. This can be obtained from the CA.
📄️ Using self-signed certificates with USoft
You are now finished with OpenSSL, as you have generated the keys and certificates required to work with the Rules Service and Remote Rules Service.
📄️ Activation of TLS/SSL in the Remote Rules Service
Activate TLS in the Remote Rules service:
📄️ Activation of TLS/SSL in the JDBC Driver
To activate TLS in the JDBC driver:
📄️ Activation of TLS/SSL in the Rules Service
To activate TLS in the Rules Service: