If you are using a unified HPE IDOL Server configuration, you can enable SSL communication between HPE IDOL components. Set the SSLIDOLComponents
parameter to True
in the [Server]
section.
You can configure Secure Socket Layer (SSL) connections for communication between the following components and other HPE IDOL components:
Agentstore
Category
Community
Content
HPE IDOL Proxy
View
You can set SSLConfig
in the following configuration sections for SSL communications between HPE IDOL components:
[Server]
to configure SSL communications for incoming ACI calls for all components.
[IndexServer]
to configure incoming SSL communications to the HPE IDOL Server index port. This option implicitly includes any indexing components (such as Content).
[Service]
to configure incoming SSL communications to the HPE IDOL Server service port.
[Agent]
to configure outgoing SSL communications from the Category component to the Content component where the HPE IDOL Server agent index is stored (Agentstore).
[AgentDRE]
to configure outgoing SSL communications from HPE IDOL components to the Content component where the HPE IDOL Server agent index is stored (Agentstore).
[CatDRE]
to configure outgoing SSL communications from HPE IDOL components to the Content component where the HPE IDOL Server category index is stored (Agentstore).
[DataDRE]
to configure outgoing SSL communications from HPE IDOL components to the Content component where the HPE IDOL Server data index is stored.
For SSL communication with the Agentstore component, you must also configure SSL settings in the Agentstore configuration file.
For example:
[Server] SSLConfig=SSLOptions1 ... [AgentDRE] SSLConfig=SSLOptions2 ... [DataDRE] SSLConfig=SSLOptions2 ...
For Omni Group Servers:
[Note] GroupServerHost=... GroupServerPort=... SSLConfig=SSLOptions2 [SSLOptions1] //SSL options for incoming connections SSLMethod=TLSV1.2 SSLCertificate=host1.crt SSLPrivateKey=host1.key SSLCACertificate=trusted.crt [SSLOptions2] //SSL options for outgoing connections SSLMethod=TLSV1.2 SSLCertificate=host2.crt SSLPrivateKey=9s7BxMjD2d3M3t7awt/J8A SSLCACertificate=trusted.crt
|