AppServer State-Reset and State-AwareIf an AppServer is setup as
State-Reset or
State-Aware, the clients connect to the Broker and then are redirected to the Agent:
- The stream from the client to the Broker can be SSL/TLS encrypted.
- The stream from the client to the Agent can be SSL/TLS encrypted.
When the AppServer Broker is told to shutdown it opens SSL/TLS streams to each Agent instructing the Agent to shut down.
AppServer Stateless and State-FreeIf an AppServer is setup as
Stateless and
State-Free, the clients communicate with the Agents through the Broker:
- The client communicates to the Broker through encrypted SSL/TLS stream.
- The Broker speaks to Agent through an unencrypted TCP channel.
- The Broker gets the data from the Agent and sends it back to client through the SSL/TLS stream which has already been established with client.
WebSpeedWebSpeed Messengers can use SSL to the WebSpeed Brokers and to the Webspeed Agents
Web Services
- An ABL Web Services client to a Web Server can be secured with HTTPS.
- The Web Service Adapter / REST Adapter uses unencrypted TCP data to communicate with the NameServer.
- The Web Service Adapter / REST Adapter to AppServer can use SSL/TLS.
AppServer Internet Adapter (AIA)The AIA has been enhanced to allow SSL/TLS connections from AIA directly to the AppServer. The AIA is treated as a client here.
Java / .NET Open ClientThe client can use HTTPS to communicate with a Web Server (e.g. the AIA).
The AppServer Internet Adapter (AIA) can use SSL/TLS to communicate with the AppServer, where the AIA functions as a client to the AppServer.
The Root CA’s must be imported into the Windows Cert Store for the .Net client to find it. A .Net client only uses the Windows Cert Store to find certificates.
Sonic Adapter
- The ABL client to the JVM hosting the Sonic Adapter can be SSL/TLS.
- The Sonic Adapter JVM to the Sonic Broker can be SSL/TLS.
Further information on Firewall Considerations and Configuration are provided in the Article References below.
