If you are using a unified IDOL Server configuration, you can enable SSL communication between IDOL components. Set the SSLIDOLComponents
parameter to True
in the [Server]
section.
You can configure Secure Socket Layer (SSL) connections for communication between the following components and other IDOL components:
Agentstore
Category
Community
Content
IDOL Proxy
View
You can set SSLConfig
in the following configuration sections for SSL communications between IDOL components:
[Server]
to configure SSL communications for incoming ACI calls for all components.
[IndexServer]
to configure incoming SSL communications to the IDOL Server index port. This option implicitly includes any indexing components (such as Content).
[Service]
to configure incoming SSL communications to the IDOL Server service port.
[Agent]
to configure outgoing SSL communications from the IDOL Category component to the IDOL Content component where the IDOL Server agent index is stored (Agentstore).
[AgentDRE]
to configure outgoing SSL communications from IDOL components to the IDOL Content component where the IDOL Server agent index is stored (Agentstore).
[CatDRE]
to configure outgoing SSL communications from IDOL components to the IDOL Content component where the IDOL Server category index is stored (Agentstore).
[DataDRE]
to configure outgoing SSL communications from IDOL components to the IDOL Content component where the IDOL Server data index is stored (Content).
For SSL communication with the IDOL Agentstore component, you must also configure SSL settings in the IDOL Agentstore component configuration file.
For example:
[Server] SSLConfig=SSLOptions1 ... [AgentDRE] SSLConfig=SSLOptions2 ... [DataDRE] SSLConfig=SSLOptions2 ...
For Omni Group Servers:
[Note] GroupServerHost=... GroupServerPort=... SSLConfig=SSLOptions2 [SSLOptions1] //SSL options for incoming connections SSLMethod=TLSV1.2 SSLCertificate=host1.crt SSLPrivateKey=host1.key SSLCACertificate=trusted.crt [SSLOptions2] //SSL options for outgoing connections SSLMethod=TLSV1.2 SSLCertificate=host2.crt SSLPrivateKey=9s7BxMjD2d3M3t7awt/J8A SSLCACertificate=trusted.crt
|