There are three ways to configure SSL.
...
For the first phase we have provided scripts that will generate self-signed certificates, which can be used for only testing purposes but should be avoided in production.
Pass-Through SSL
Run the config-wildfly-domain-cert-backend.cmd script on the master node, then copy the generated keystore.pfx file over to the slave node to the same path. The keystore.pfx file will be generated in the path %WILDFLY_HOME%\domain\configuration\keystore.pfx.
| Code Block | ||
|---|---|---|
| ||
cd /D %PROGRAMFILES%\ubisecure\customerid\tools config-wildfly-domain-cert-backend.cmd |
Encrypt traffic separately between Front-End and Back-End servers.
These scripts will generate self-signed SSL certificates that uses each host's IP address in the cn-field.
On the Master Node, run config-wildfly-domain-cert-master.cmd
...
| Code Block | ||
|---|---|---|
| ||
cd /D %PROGRAMFILES%\ubisecure\customerid\tools config-wildfly-domain-cert-backendslave.cmd |
In this configuration - and depending on your Front-End Server - you may have to separately configure your Front-End Server(s) to trust the Back-End servers' certificates.
...
| Code Block | ||
|---|---|---|
| ||
cd /D %PROGRAMFILES%\ubisecure\customerid\tools config-wildfly-domain-https.cmd |
Securing other Back-End connections
Ubisecure CustomerID can be configured to make calls to third-party software during the user registration workflows. Typically data entered by the user is verified against a CRM or other backend service to determine which access rights a user should be automatically given based on an existing service agreement.
...