Configuring HTTPS enables encrypted traffic between the components of your Corticon deployment:
On a Corticon Server, configuring HTTPS encrypts all calls to execute a Corticon Decision Service and encrypts the response that is returned. This is particularly important if you have an unsecure network and are passing sensitive data to or from a Decision Service. Configuring HTTPS on the Corticon Server also encrypts all administrative traffic with the Corticon Server.
On a Web Console, configuring HTTPS will encrypt all communication between the web browser used by a Corticon administrator and the Web Console. This is important if you have an unsecure network and want to prevent snooping on administrative traffic.
Clients using HTTPS to access a Corticon Server must have client certificate installed at their end. This is true for clients calling the Corticon Server to execute a decision service, administrators using their browser to access the Web Console, and the Web Console Server for accessing managed Corticon Servers.
Setting up encrypted communications
Configuring HTTPS requires a signed CA certificate to be installed on each Corticon Server and Web Console you want to enable for encryption. When the Corticon Server and Web Console are hosted on the same application server, a single certificate can be shared. Any client that wants to use HTTPS to enable secure communications with a server requires a client certificate so that they can handshake and negotiate the encryption algorithm that will be applied.
To enable HTTPS on Corticon Server for Java, obtain a private key and a signed Web server digital certificate, and then install the Web server digital certificate in the Java keystore using the Java Keytool utility.
When certificates have been added and the server restarted, HTTPS is enabled on its default port, 8851.
Using HTTPS in Corticon Studio
You must obtain and install public key certificates for the Corticon Studio. The public certificate then needs to be imported to the Java keystore for the Corticon Studio.
You can use HTTPS from Studio to a Server for:
Packaging operations - Whether deploying Decision Services directly to a Corticon Server or to a Corticon Server managed by the WebConsole, you can choose the https:// protocol and provide the Server's HTTPS port, 8851.
Running Ruletests on Servers - When you choose a remote server that has enabled HTTPS, you can choose the https:// protocol and provide the Server's HTTPS port, 8851.
On a Corticon Server, configuring HTTPS encrypts all calls to execute a Corticon Decision Service and encrypts the response that is returned. This is particularly important if you have an unsecure network and are passing sensitive data to or from a Decision Service. Configuring HTTPS on the Corticon Server also encrypts all administrative traffic with the Corticon Server.