This content has been marked as final. Show 2 replies
Is this for the Jolt connection between the PIA and the App Server? Is the network between your web servers and app servers insecure? I would not generally recommend doing this within a datacenter because of the added performance hit. Why is it not sufficient to terminate the SSL at the PIA? Also, what version of Tuxedo are you using?
The documentation for Jolt SSL configuration is here (http://docs.oracle.com/cd/E13161_01/tuxedo/docs10gr3/jdg/dvconfig.html) if you need it.
The network is not insecure. The enduser connects to the peoplesoft frontend Weblogic PIA using https sessions, but our Enterprise Service Bus (coming from another secured zone in our lan) is using a connector adapter to CI's and connects directly to the JSL port on the Tuxedo APP server.
Whenever this situation occurs (two servers in different secured zones interfacing) our internal security baseline guidelines require it at least to be SSL encrypted and preferably running with two way authentication. Yes, I know.. very annoying!
Thanks for the link, it does provide some insight on how to start with SSL parameters but I'm not sure how to actually configure the keys & certificates as it falls short on explaining the actual steps and this document http://docs.oracle.com/cd/E13161_01/tuxedo/docs10gr3/rf5/rf5.html seems serious overkill to parse through :)
Edited by: 992692 on Mar 11, 2013 10:33 AM