Question

1
Replies
94
Views
bisse766 Member since 2014 5 posts
Swedish Unemployment Funds
Posted: 4 years ago
Last activity: 4 years 6 months ago
Closed

Possible to config AES to use client certificate over https?

Hi,

I am about to secure the PRPC server(s) with https and client certificate for 2 way validation. I will also configure a security constraint for the PRSoapServlet allowing only SSL connections (the standard PRServlet still needs to be available via http for our end users (ssl is managed in the firewall/loadbalancer for end users).

However this means all web service clients using it has to use https and also have the certificate installed.

We have AES and I believe - please correct me if I'm wrong - that the surveilled nodes do send health pulses to the AES, but when the AESmanager wants to take a deeper look (like clicking on Reports, Requestors, Agents etc) the AES node do connect to the surveilled node via the PRSoapServlet.

So my worry is that if I force the PRSoapServlet to only answer to requests over SSL I will break AES.

Is it possible to also have the AES node using the certificate and only connect with https?

Thanks in advance

Henrik

Data Integration Security
Moderation Team has archived post
Share this page LinkedIn