skip to main content
Corticon Server: Integration & Deployment Guide : Secure servers with authentication and encryption : Implementing deployment security : Setting up encryption between servers and clients
 

Try Corticon Now
Setting up encryption between servers and clients

Enabling HTTPS

Corticon Server supports encrypted communications between the Web server and a Web service client. If you attempt to use the default HTTPS port, 8851 (for example, connecting from the Web Console, you get a security message indicating that your connection is not private. If you want to use HTTPS, you must enable the HTTPS connections.
Note: The following procedure pertains to the security of communication between the client application and the Server. To enable HTTPS communication between the Server and the client, you must obtain and install public key certificates for the Server host machine and complete separate configuration procedures for each deployed Client service and for the Server.
To enable HTTPS on Corticon Server for Java:
1. Obtain a private key and a Web server digital certificate.
2. Install the Web server digital certificate in the Web server.
3. Start the Corticon Server. When startup is complete, stop it. The initial startup creates the web.xml file.
4. Edit the file web.xml located at [CORTICON_WORK_DIR]\pas\server\webapps\axis\WEB-INF\ to uncomment the following section:
<security-constraint>
<web-resource-collection>
<web-resource-name>Corticon Server</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
...
</security-constraint>
Add in the following block to replace … above:
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
Note: If you already uncommented this section to enable Basic Authentication, review the web-resource-collection defined, and then add the user-data-constraint transport-guarantee block.
5. Save the file.
When you restart the Corticon Server, HTTPS is enabled on its default port, 8851.
Note: TLS for PAS requires clients to use Java 8 - The Progress Application Server bundled with Corticon is configured to use TLSv1.2 while the installed HTTPS client classes might have TLSv1.2 disabled, and then attempt to use TLSv1. Using the Java 8 JVM for clients resolves this issue.

Enabling the Corticon Studio to publish to a secure Corticon Server

Corticon Studio supports encrypted communications to a Corticon Server. To enable HTTPS communication between the Server and the Client, you must obtain and install public key certificates for the Corticon Studio. The public certificate then needs to be imported to the Java keystore for the Corticon Studio.