Bookshelf Home | Contents | Index | PDF |
Security Guide for Siebel eBusiness Applications > Communications and Data Encryption > Configuring Secure Communications > Configuring Encryption for Siebel Enterprise and SWSEWhen you configure your Siebel Enterprise or Siebel Web Server Extension (SWSE) following installation, you specify which encryption type to use for communications between the Siebel Server and the Web server (SWSE), and between Siebel Servers. Communications between these modules use the SISNAPI protocol. The encryption type setting determines how encryption is defined within generated connect strings for Siebel eBusiness Applications. It also corresponds to the value of the Siebel Enterprise parameter The Siebel Software Configuration Utility appears when you first install the Siebel Enterprise or SWSE. For information about running this utility, see the Siebel Installation Guide for the operating system you are using. Using this utility, you can specify to use Secure Sockets Layer (SSL), Microsoft Crypto, or RSA encryption. (For SSL, you specify None, then specify whether to deploy SSL.) You can use both SSL and RSA or Microsoft Crypto for SISNAPI encryption in a single Siebel Enterprise. This flexibility is because SSL is enabled at the Siebel Server level while RSA or Microsoft Crypto are enabled at the server component level. For example, because the remote synchronization SISNAPI channel does not currently support SSL, RSA or Microsoft Crypto are the only encryption options for this channel. To encrypt this channel with RSA or Microsoft Crypto, run the remote component on a Siebel Server separate from the Siebel Servers that are configured for SSL. Then, enable RSA or Microsoft Crypto for the remote component. Use SSL or RSA/Microsoft Crypto to encrypt different communication channels; it does not make sense to encrypt the same communication channel with both SSL and RSA or Microsoft Crypto. In the Siebel Software Configuration Utility, the Encryption Type screen displays the options for configuring the encryption type. You can choose one of the following options:
NOTE: For Siebel installations that include both UNIX and Microsoft Windows platforms, it is recommended to use an encryption method supported across platforms, such as SSL or RSA. If you specified None for the encryption type, the utility prompts you for whether you want to deploy SSL in the enterprise (for the Siebel Enterprise or for SWSE).
Key Exchange for Microsoft Crypto or RSA EncryptionIf you are using Microsoft Crypto or RSA encryption, the following steps explain how Siebel encryption keys are exchanged between the client (for example, the Web server) and the server (for example, Siebel Server).
NOTE: If you are using SSL encryption between the Web server and Siebel Server or between Siebel Servers, key exchange is handled through a standard SSL handshake. |
Security Guide for Siebel eBusiness Applications |