Secure Sockets Layer (SSL)

Installation et configuration de l'agent > Agent PTC RV&S Security > Secure Sockets Layer (SSL)

The SSL protocol of the Agent PTC RV&S provides robust security for access across the Internet. When users connect through SSL, the connection ensures privacy, authentication, and message integrity.

The SSL protocol enables encrypted, authenticated communication across the Internet. In an SSL connection, the Agent PTC RV&S must have a security certificate. Each side then encrypts the data it sends ensuring the information can only be read by the intended recipient.

The Agent PTC RV&S complies with US Encryption Export Control Regulations. By default, the encryption strength for the SSL is 128 bit encryption.

To use the Agent PTC RV&S with SSL enabled, you must obtain a certificate for the machine running the Agent PTC RV&S. If you have an existing certificate, you can use it by importing it into the keystore (see Configuring Agent PTC RV&S for Your Serveur PTC RV&S). To create a new certificate to be signed by a Certificate Authority (CA) such as VeriSign (http://www.verisign.com), see Creating Signed Agent PTC RV&S Certificates.

The following are possible scenarios for using Agent PTC RV&S certificates:

• Generating a new certificate

◦ Certificate is being signed by a well-known CA.

◦ Certificate is being signed by CA that may not be well-known.

◦ You are using the new certificate as self-signed.

• Importing an existing certificate

◦ Certificate was signed by a well-known CA.

◦ Certificate was signed by a CA that may not be well-known.

◦ Certificate was self-signed.

Enabling SSL

Before you can secure SSL connections, you must get a Agent PTC RV&S certificate for the machine running the Agent PTC RV&S. If you have an existing Agent PTC RV&S certificate, see Agent PTC RV&S Configuration.

You must have the signed certificate available when enabling SSL connections or the Agent PTC RV&S cannot start.

SSL connections are enabled when you configure the appropriate property keys in:

installdir\config\properties\agent.properties

where installdir is the Agent PTC RV&S installation directory.

Toenable SSL, set the following property key:

mksagent.secure.port=<SSL port number>

A value of 0 disables the SSL connection.

You must also set a password for the following property key:

mksagent.privatekey.password=keystore Password i

where keystore Password is the password used during certificate creation (see Creating Signed Agent PTC RV&S Certificates).

Est-ce que cela a été utile ?