Question

1
Replies
97
Views
Close popover
Henrik Troeng (bisse766)
Swedish Unemployment Funds
Platform and Operations
Swedish Unemployment Funds
SE
bisse766 Member since 2014 5 posts
Swedish Unemployment Funds
Posted: April 15, 2016
Last activity: April 18, 2016
Closed

Possible to config AES to use client certificate over https?

Hi,

I am about to secure the PRPC server(s) with https and client certificate for 2 way validation. I will also configure a security constraint for the PRSoapServlet allowing only SSL connections (the standard PRServlet still needs to be available via http for our end users (ssl is managed in the firewall/loadbalancer for end users).

However this means all web service clients using it has to use https and also have the certificate installed.

We have AES and I believe - please correct me if I'm wrong - that the surveilled nodes do send health pulses to the AES, but when the AESmanager wants to take a deeper look (like clicking on Reports, Requestors, Agents etc) the AES node do connect to the surveilled node via the PRSoapServlet.

So my worry is that if I force the PRSoapServlet to only answer to requests over SSL I will break AES.

Is it possible to also have the AES node using the certificate and only connect with https?

Thanks in advance

Henrik

Data Integration Security
Moderation Team has archived post