Add SSL/TLS Support for an HTTP Connection

This scenario builds on the Basic HTTP Configuration by enabling security for the inbound and outbound nodes you defined in the netmap. Following is a diagram to illustrate the addition of SSL or TLS to the inbound and the outbound node connections.

[Diagram: Add SSL/TLS Support for HTTP Connection]
Note: Before you configure SSL or TLS support, you must check in your certificates. Refer to Manage Certificates for SSL/TLS Transactions with Trading Partners.
To add SSL/TLS support to the netmap for the inbound and outbound nodes, define the following options for the connections:
  • Protocol
  • Cipher suites
  • Stores and certificates

To effectively configure and test this scenario:

  1. Add SSL/TLS support to the inbound node definition first and establish a session initiated by an HTTP client to a Sterling B2B Integrator server.
  2. Then, add SSL/TLS support to the outbound node definition and establish a session initiated by an HTTP client to a Sterling B2B Integrator server.

SSL/TLS Support for HTTP Worksheet

Before you add SSL/TLS support to the connection information you created in the Basic HTTP Configuration scenario, gather the information on the SSL/TLS Support Worksheet. You use this information as you configure the inbound and outbound nodes for SSL/TLS support.

Select the security setting and cipher suites to be used to secure the connection. To configure client authentication, enable this option. Select the key/system certificate to use to validate the connection.

| Configuration Manager Field | Feature | Value |
|---|---|---|
| Inbound Node Name | Name of inbound node to add security to. | Select an inbound node definition from the list |
| Security Setting | Security protocol to use. | SSLv3; SSLv3 with v2 Hello; SSLv3 or TLSv1; SSLv3, TLSv1, 1.1, or 1.2; TLSv1; TLSv1.1; TLSv1.2 |
| Enable Client Authentication | Do you want to require that the inbound connection present its certificate for SSL or TLS client authentication? | Yes or No |
| Trust Store | If client authentication is enabled, identify the trust store where the certificate is stored. | |
| CA Certificates/Trusted Root | Name of CA certificate/trusted root (if client authentication is enabled). | |
| Key Store | The database where the keys and system certificates you want to use are stored. | |
| Key/System Certificate | Name of Secure Proxy system certificate presented to the inbound connection during the handshake. | |
| Available Cipher Suites / Selected Cipher Suites | Select the ciphers to enable by moving them from the Available Ciphers to the Selected Ciphers field. | |

Select the security setting and cipher suites to be used to secure the connection. Select the trusted certificate to use to validate the server certificate. If the server requires client authentication, you must specify a server certificate. If the server requires client authentication, you specify a key/system certificate.

| Configuration Manager Field | Feature | Value |
|---|---|---|
| Outbound Node Name | Name of outbound node to add security to. | Select a node definition from the list. |
| Security Setting | Security protocol to use. | SSLv3; SSLv3 with v2 Hello; SSLv3 or TLSv1; SSLv3, TLSv1, 1.1, or 1.2; TLSv1; TLSv1.1; TLSv1.2 |
| Trust Store | The trust store where the certificate is stored. | |
| CA Certificates/Trusted Root | Identify the certificate to use to secure the outbound connection. | |
| Key Store | Key store where the Key/System Certificate is stored. | |
| Key/System Certificate | System certificate used to validate the server. | |
| Available Ciphers / Selected Ciphers | Cipher suites to enable. | |
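
As an added example (not part of the original documentation or the product), the following Python script lints a completed worksheet before it is entered in Configuration Manager: it checks the dependencies the inbound and outbound tables describe and flags Security Setting choices that allow SSLv3, TLSv1 or TLSv1.1, which the IETF has deprecated (RFC 7568, RFC 8996). The dictionary keys, node names and store names are hypothetical, the sample worksheets are constructed, and treating the inbound key store and key/system certificate as always required is an assumption.

```python
# Added example; dict keys are hypothetical names for worksheet rows, and
# the sample worksheets at the bottom are constructed.
# Security Setting options from the worksheet -> protocol versions allowed.
SETTINGS = {
    "SSLv3": {"SSLv3"}, "SSLv3 with v2 Hello": {"SSLv3"},
    "SSLv3 or TLSv1": {"SSLv3", "TLSv1"},
    "SSLv3, TLSv1, 1.1, or 1.2": {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"},
    "TLSv1": {"TLSv1"}, "TLSv1.1": {"TLSv1.1"}, "TLSv1.2": {"TLSv1.2"},
}
# SSLv3 is deprecated by RFC 7568, TLS 1.0 and 1.1 by RFC 8996.
DEPRECATED = {"SSLv3", "TLSv1", "TLSv1.1"}


def check_worksheet(ws, direction):
    """Return findings for one node worksheet ('inbound' or 'outbound')."""
    findings = []

    def need(*keys):
        findings.extend(f"missing {k}" for k in keys if not ws.get(k))

    need("node_name", "selected_ciphers")
    setting = ws.get("security_setting")
    if setting not in SETTINGS:
        findings.append(f"unknown security_setting {setting!r}")
    elif SETTINGS[setting] & DEPRECATED:
        weak = ", ".join(sorted(SETTINGS[setting] & DEPRECATED))
        findings.append(f"security_setting allows deprecated {weak}")
    if direction == "inbound":
        # Assumption: the system certificate shown in the handshake is required.
        need("key_store", "key_certificate")
        if ws.get("client_auth"):  # trust material is tied to client auth
            need("trust_store", "ca_certificate")
    else:
        # The trusted certificate validates the server certificate.
        need("trust_store", "ca_certificate")
        if ws.get("server_requires_client_auth"):
            need("key_store", "key_certificate")
    return findings


INBOUND = {"node_name": "http_in", "security_setting": "SSLv3 or TLSv1",
           "client_auth": True, "key_store": "example_key_store",
           "key_certificate": "example_proxy_cert",
           "selected_ciphers": ["TLS_RSA_WITH_AES_128_CBC_SHA"]}
OUTBOUND = {"node_name": "http_out", "security_setting": "TLSv1.2",
            "trust_store": "example_trust_store", "ca_certificate": "example_ca",
            "selected_ciphers": ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"]}

if __name__ == "__main__":
    for name, ws, d in (("inbound", INBOUND, "inbound"), ("outbound", OUTBOUND, "outbound")):
        print(name, check_worksheet(ws, d) or "ok")
```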