Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Reverted from v. 1

There are three ways to configure SSL.

...

For the first phase we have provided scripts that will generate self-signed certificates, which can be used for only testing purposes but should be avoided in production. 

Pass-Through SSL

Run the config-wildfly-domain-cert-backend.cmd script on the master node, then copy the generated keystore.pfx file over to the slave node to the same path. The keystore.pfx file will be generated in the path %WILDFLY_HOME%\domain\configuration\keystore.pfx.

Code Block
languagetext
cd /D %PROGRAMFILES%\ubisecure\customerid\tools
config-wildfly-domain-cert-backend.cmd

Encrypt traffic separately between Front-End and Back-End servers.

These scripts will generate self-signed SSL certificates that uses each host's IP address in the cn-field.

On the Master Node, run config-wildfly-domain-cert-master.cmd

...

Code Block
languagetext
cd /D %PROGRAMFILES%\ubisecure\customerid\tools
config-wildfly-domain-https.cmd


Securing other Back-End connections

Ubisecure CustomerID can be configured to make calls to third-party software during the user registration workflows. Typically data entered by the user is verified against a CRM or other backend service to determine which access rights a user should be automatically given based on an existing service agreement.

...