Siebel CRM Siebel Security Guide Siebel Innovation Pack 2016, Rev. A E24814-01
If you are using Microsoft Crypto or RSA encryption for communications between the Siebel Server and the Web server (SWSE), or between Siebel Servers, then the following steps explain how Siebel encryption keys are exchanged between the client (for example, the Web Server) and the server (for example, Siebel Server).
1. The client generates a private/public key pair. The public key is sent as part of the Hello SISNAPI message to the Siebel Server.
2. When the server receives a Hello message, it generates an AES-based symmetrical session key and encrypts the symmetrical session key using the client's public key from the Hello message. The encrypted session key is sent back to the client as part of the Hello Acknowledge message.
3. The client uses its private key to decrypt the server-generated session key. From this point on, both the client and the server use the server-generated session key to encrypt and decrypt messages.
The session key is good for the lifetime of the connection.
If you are using TLS encryption between the Web server and Siebel Server or between Siebel Servers, then the key exchange is handled through a standard TLS handshake.
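The three RSA key-exchange steps above can be modeled in a few functions. This is an added example, not Oracle's or Siebel's code, and it does not reproduce the SISNAPI wire format. The function names, the 2048-bit RSA key, the DER public-key encoding, OAEP padding, and the 256-bit session key are all assumptions.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// ClientHello is step 1: a fresh RSA key pair; the public key goes in the Hello.
func ClientHello() (*rsa.PrivateKey, []byte, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	hello, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	return priv, hello, err
}

// ServerAck is step 2: generate the AES session key, encrypt it to the Hello's key.
func ServerAck(hello []byte) (session, ack []byte, err error) {
	k, err := x509.ParsePKIXPublicKey(hello)
	pub, ok := k.(*rsa.PublicKey)
	if err != nil || !ok {
		return nil, nil, fmt.Errorf("hello carries no usable RSA public key")
	}
	session = make([]byte, 32) // 256-bit AES key (assumed size)
	if _, err = rand.Read(session); err != nil {
		return nil, nil, err
	}
	ack, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, session, nil) // padding assumed
	return session, ack, err
}

// ClientUnwrap is step 3: only the Hello's matching private key recovers the key.
func ClientUnwrap(priv *rsa.PrivateKey, ack []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ack, nil)
}

func main() {
	priv, hello, err := ClientHello()
	if err == nil {
		session, ack, _ := ServerAck(hello) // a failed ack fails the unwrap below
		got, err := ClientUnwrap(priv, ack)
		fmt.Println("same key on both ends:", err == nil && bytes.Equal(got, session))
	}
}
```

The session key never crosses the connection in the clear: the acknowledge message carries only the RSA-encrypted form, and a key pair other than the one that produced the Hello fails to unwrap it.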