Enabling SSL for the MDEX Engine and Forge

This section describes configuring the MDEX Engine to use SSL and, optionally, mutual authentication when communicating with the Presentation API and other Endeca system components.

Note: This section assumes that you configured the Endeca JCD service to use SSL when communicating with the Control Interpreter.

You can configure Forge to use SSL between the Forge server and Forge client in a parallel Forge implementation. The configuration process depends on whether you are using a Control Interpreter script or the Endeca Application Controller. Both processes are described in the following sections.

Keep in mind that you will be using the following two certificate files to configure SSL:

eneCert.pem — The certificate used by all clients and servers to specify their identity when using SSL. This certificate file should be thought of as the identity of the Endeca system, or as the identity of all components of the Endeca system.
eneCA.pem — The Certificate Authority (CA) file used by all clients and servers that wish to authenticate the other endpoint of a communication channel.

These certificate files are not shipped with the product. Therefore, you must use the enecerts utility to generate them, as described in the Endeca Security Guide.