Bookshelf v8.1/8.2: About Configuring Encryption for a Siebel Enterprise and SWSE

Siebel Security Guide > Communications and Data Encryption >

About Configuring Encryption for a Siebel Enterprise and SWSE

When you configure your Siebel Enterprise or Siebel Web Server Extension (SWSE) logical profile after installation using the Siebel Configuration Wizard, you specify the encryption type to use for communications between the Siebel Server and the Web server (SWSE), and between Siebel Servers. Communications between these modules use the SISNAPI protocol.

The encryption type setting determines how encryption is defined within generated connect strings for Siebel Business Applications. It also corresponds to the value of the Siebel Enterprise parameter Encryption Type (alias Crypt). You can specify Secure Sockets Layer (SSL), Transport Layer Security (TLS), Microsoft Crypto, or RSA encryption.

You can use SSL or TLS, and RSA or Microsoft Crypto for SISNAPI encryption in a single Siebel Enterprise. This flexibility is because SSL and TLS are enabled at the Siebel Server level while RSA or Microsoft Crypto are enabled at the server component level. For example, because the remote synchronization SISNAPI channel does not currently support SSL or TLS, RSA or Microsoft Crypto are the only encryption options for this channel. To encrypt this channel with RSA or Microsoft Crypto, run the remote component on a Siebel Server separate from the Siebel Servers that are configured for SSL or TLS. Then, enable RSA or Microsoft Crypto for the remote component.

Use SSL or TLS with RSA or Microsoft Crypto to encrypt different communication channels; it does not make sense to encrypt the same communication channel with both SSL or TLS and RSA or Microsoft Crypto.

When configuring the Siebel Enterprise using the Siebel Configuration Wizard, the Security Encryption Level or Type screen displays the following options for configuring the encryption type:

SISNAPI Without Encryption
SISNAPI Using RSA Encryption Algorithm
SISNAPI Using TLS 1.2
SISNAPI Using SSL 3.0
SISNAPI Using Enhanced SSL 3.0 (requires hardware proxy)
SISNAPI Using Microsoft Crypto Enhanced API Encryption

NOTE: For Siebel installations that include both UNIX and Microsoft Windows operating systems, it is recommended that you use an encryption method supported across operating systems, such as SSL, TLS or RSA.

When using the Siebel Configuration Wizard to configure a SWSE logical profile that you subsequently deploy to Web servers in your Siebel environment, the option, Deploy SSL or TLS in the Enterprise, allows you specify SSL or TLS for communication between Siebel Servers and the SWSE.

For information about running the Siebel Configuration Wizard, see the Siebel Installation Guide for the operating system you are using. For information on configuring SSL or TLS, see the following topics:

Siebel Security Guide		Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices.