Oracle ATG Web Commerce servers can expose certain components to other applications through Java remote method invocation (RMI). To use this feature, you must first write a service according to the RMI specifications, then register your service with the Oracle ATG Web Commerce RMI server. After registering, other applications can access the service. It is important to insure that these applications access your service in a secure manner.

For more information, see the Platform Programming Guide.

You can secure RMI communications by transmitting them over SSL. (For information on non-SSL RMI service implementations, the Platform Programming Guide.)

Configuring Keys and Certificates

To use RMI over SSL, configure both public and private keys and wrap the public key in a self-signed certificate. In a production environment, you must create a key store, trust store, and certificate, as described in the Generating a New Certificate section of the Platform Programming Guide.

For more information about SSL keys and certificates, and for documentation about the Java Secure Socket Extension (JSSE) APIs, see the Oracle Web site.