Endeca Platform Services Security Guide · Version 6.0.3 · June 2012
Copyright © 2003, 2012, Oracle and/or its affiliates. All rights reserved.
The controller.aspx file must be modified with new function calls.
In the ASP.NET reference implementation, the controller.aspx file is the entry point into the Endeca application. If your application uses a different file structure, the information in this section will apply to the entry-point file for your application.
The next sections describe the syntax of these calls.
After modifying the controller.aspx file, you can run the application in the same way as before.
HttpENEConnection.enableSSL(X509Certificate clientCertificate)where clientCertificate is an X509Certificate object (from the .NET Framework Class Library) that is an implementation of an X.509 v.3 certificate.
The .NET X509Certificate.CreateFromCertFile method was used to create the clientCertificate object from the eneCert.der certificate (the ASN.1 DER format is the only certificate format supported by this class).
You should place the EnableSSL() method immediately after the HttpENEConnection connection object is instantiated, as shown in the example below.
The AcceptAllCertificatePolicy class is intended for situations where you want to prevent Host Not Found exceptions that are thown if the host name on the certificate does not match the name of the server. One example is if you are using the certificates that you generated with the enecerts utility. Note that you may not want to use this class if you are using your own custom certificates and want to verify the host name.
AcceptAllCertificatePolicy(X509Certificate certificateToAccept)where certificateToAccept is the same X509Certificate object used with the HttpENEConnection.EnableSSL() method. The X.509 certificate is set by the .NET Framework ServicePointManager.CertificatePolicy property to override any host name mismatches.
You can put the code after the X509 certificate is created from the DER-format version.
// Set the MDEX Engine connection HttpENEConnection nec = new HttpENEConnection(ENEHost, ENEPort); // Create the X509 certificate from the DER version X509Certificate privateCert = X509Certificate.CreateFromCertFile(@"C:\Endeca\MyCerts\eneCert.der"); // Enable SSL for the connection, using the new X509 certificate. nec.EnableSSL(privateCert); // Now update the certificate validation with a custom policy. // Required because Endeca certificates throw Host Not Found exceptions. ServicePointManager.CertificatePolicy = new AcceptAllCertificatePolicy(privateCert); // Create an ENEQuery for the MDEX Engine. ...
Endeca Platform Services Security Guide · Version 6.0.3 · June 2012
Copyright © 2003, 2012, Oracle and/or its affiliates. All rights reserved.