Set up SSL between IDOL components

If you are using a unified IDOL Server configuration, you can enable SSL communication between IDOL components. Set the SSLIDOLComponents parameter to True in the [Server] section.

You can configure Secure Socket Layer (SSL) connections for communication between the following components and other IDOL components:

  • Agentstore

  • Category

  • Community

  • Content

  • IDOL Proxy

  • View

You can set SSLConfig in the following configuration sections for SSL communications between IDOL components:

  • [Server] to configure SSL communications for incoming ACI calls for all components.

  • [IndexServer] to configure incoming SSL communications to the IDOL Server index port. This option implicitly includes any indexing components (such as Content).

  • [Service] to configure incoming SSL communications to the IDOL Server service port.

  • [Agent] to configure outgoing SSL communications from the IDOL Category component to the IDOL Content component where the IDOL Server agent index is stored (Agentstore).

  • [AgentDRE] to configure outgoing SSL communications from IDOL components to the IDOL Content component where the IDOL Server agent index is stored (Agentstore).

  • [CatDRE] to configure outgoing SSL communications from IDOL components to the IDOL Content component where the IDOL Server category index is stored (Agentstore).

  • [DataDRE] to configure outgoing SSL communications from IDOL components to the IDOL Content component where the IDOL Server data index is stored (Content).

NOTE: For SSL communication with the IDOL Agentstore component, you must also configure SSL settings in the IDOL Agentstore component configuration file.

For example:

[Server]
SSLConfig=SSLOptions1
...

[AgentDRE]
SSLConfig=SSLOptions2
...

[DataDRE]
SSLConfig=SSLOptions2
...

For Omni Group Servers:

[Note]
GroupServerHost=...
GroupServerPort=...
SSLConfig=SSLOptions2

[SSLOptions1]             //SSL options for incoming connections
SSLMethod=TLSV1.3
SSLCertificate=host1.crt
SSLPrivateKey=host1.key
SSLCACertificate=trusted.crt

[SSLOptions2]            //SSL options for outgoing connections
SSLMethod=TLSV1.3
SSLCertificate=host2.crt
SSLPrivateKey=9s7BxMjD2d3M3t7awt/J8A
SSLCACertificate=trusted.crt