Secure Sockets Layer (SSL)
The SSL protocol of the PTC RV&S Agent provides robust security for access across the Internet. When users connect through SSL, the connection ensures privacy, authentication, and message integrity.
The SSL protocol enables encrypted, authenticated communication across the Internet. In an SSL connection, the PTC RV&S Agent must have a security certificate. Each side then encrypts the data it sends ensuring the information can only be read by the intended recipient.
The PTC RV&S Agent complies with US Encryption Export Control Regulations. By default, the encryption strength for the SSL is 128 bit encryption.
To use the PTC RV&S Agent with SSL enabled, you must obtain a certificate for the machine running the PTC RV&S Agent. If you have an existing certificate, you can use it by importing it into the keystore (see Configuring PTC RV&S Agent for Your PTC RV&S Server). To create a new certificate to be signed by a Certificate Authority (CA) such as VeriSign (http://www.verisign.com), see Creating Signed PTC RV&S Agent Certificates.
The following are possible scenarios for using PTC RV&S Agent certificates:
• Generating a new certificate
◦ Certificate is being signed by a well-known CA.
◦ Certificate is being signed by CA that may not be well-known.
◦ You are using the new certificate as self-signed.
• Importing an existing certificate
◦ Certificate was signed by a well-known CA.
◦ Certificate was signed by a CA that may not be well-known.
◦ Certificate was self-signed.
Enabling SSL
Before you can secure SSL connections, you must get a PTC RV&S Agent certificate for the machine running the PTC RV&S Agent. If you have an existing PTC RV&S Agent certificate, see PTC RV&S Agent Configuration.
 |
You must have the signed certificate available when enabling SSL connections or the PTC RV&S Agent cannot start.
|
SSL connections are enabled when you configure the appropriate property keys in:
installdir\config\properties\agent.properties
where installdir is the PTC RV&S Agent installation directory.
Toenable SSL, set the following property key:
mksagent.secure.port=<SSL port number>
A value of 0 disables the SSL connection.
You must also set a password for the following property key:
mksagent.privatekey.password=keystore Password i
where keystore Password is the password used during certificate creation (see Creating Signed PTC RV&S Agent Certificates).