Configuring IEC with HTTPS Communication and Similar Protocols

In order for EC Server to support HTTPS, you must create a certificate for the HTTP server and put it in a keystore. You must also add information to the file: HttpServer.xml. For a complete code listing of HttpServer.xml, see Sample outgoing channel.

In addition to configuring a EC HTTP server to receive messages, configure the EC Server that sends the messages.

During the SSL handshake, the server certificate is validated. To be able to validate the certificate, import the certificate into a trusted certificate store.

Configuring IEC with HTTPS Communication and Similar Protocols

  1. Access the Windows command prompt and navigate to the EC Server folder.
  2. Type the following:

    keytool -keystore httpKeystore -alias jetty -genkey -keyalg RSA

  3. At the prompts, ensure that you use the same password for the created keystore.

    You now have a certified keystore named httpKeystore .

  4. In order for EC Server to be able to manage HTTPS, add the following lines to the file: HttpServer.xml 
    
<Call name="addListener">
		<Arg>
			<New class="org.mortbay.http.SslListener">
				<Set name="Port">443</Set>
					<Set name="Keystore"><SystemProperty name=
						"jetty.home" default="."/>/httpKeystore</Set>
					<Set name="Password"#jetty4U</Set>
				<Set name="KeyPassword"#jetty4U</Set>
			</New>
		<Arg>
<Call>
  5. Export the server certificate from the HTTP server keystore to a file by typing the following command:

    keytool -export -keystore httpKeystore -alias jetty -file server.cer

    Note

    When using HTTPS, the port number is 443.

  6. Copy the certificate to the folder where you want to create your trusted store. To import the certificate into a non-existing store, type the following command:

    keytool -keystore trustedstore -import -alias jetty -file server.cer -trustcacerts