Set up SSL between IDOL components
If you are using a unified IDOL Server configuration, you can enable SSL communication between IDOL components. Set the SSLIDOLComponents
parameter to True
in the [Server]
section.
You can configure Secure Socket Layer (SSL) connections for communication between the following components and other IDOL components:
-
Agentstore
-
Category
-
Community
-
Content
-
IDOL Proxy
-
View
You can set SSLConfig
in the following configuration sections for SSL communications between IDOL components:
-
[Server]
to configure SSL communications for incoming ACI calls for all components. -
[IndexServer]
to configure incoming SSL communications to the IDOL Server index port. This option implicitly includes any indexing components (such as Content). -
[Service]
to configure incoming SSL communications to the IDOL Server service port. -
[Agent]
to configure outgoing SSL communications from the IDOL Category component to the IDOL Content component where the IDOL Server agent index is stored (Agentstore). -
[AgentDRE]
to configure outgoing SSL communications from IDOL components to the IDOL Content component where the IDOL Server agent index is stored (Agentstore). -
[CatDRE]
to configure outgoing SSL communications from IDOL components to the IDOL Content component where the IDOL Server category index is stored (Agentstore). -
[DataDRE]
to configure outgoing SSL communications from IDOL components to the IDOL Content component where the IDOL Server data index is stored (Content).
NOTE: For SSL communication with the IDOL Agentstore component, you must also configure SSL settings in the IDOL Agentstore component configuration file.
For example:
[Server] SSLConfig=SSLOptions1 ... [AgentDRE] SSLConfig=SSLOptions2 ... [DataDRE] SSLConfig=SSLOptions2 ...
For Omni Group Servers:
[Note] GroupServerHost=... GroupServerPort=... SSLConfig=SSLOptions2 [SSLOptions1] //SSL options for incoming connections SSLMethod=TLSV1.3 SSLCertificate=host1.crt SSLPrivateKey=host1.key SSLCACertificate=trusted.crt [SSLOptions2] //SSL options for outgoing connections SSLMethod=TLSV1.3 SSLCertificate=host2.crt SSLPrivateKey=9s7BxMjD2d3M3t7awt/J8A SSLCACertificate=trusted.crt