The SOAP server supports secure connections between
provisioning clients and the SOAP server using the Transport Layer Security
(TLS) protocol.
TLS is an industry-standard protocol that clients use
to establish secure, TCP-based network connections.
TLS capabilities address several fundamental concerns
about communication over TCP/IP networks:
- TLS server authentication allows a client application
to confirm the identity of the server application. Through TLS, the client
application uses standard public-key cryptography to verify that the server's
certificate and public key are valid and have been signed by a trusted
certificate authority (CA) that is known to the client application.
- TLS client authentication allows a server application
to confirm the identity of the client application. Through TLS, the server
application uses standard public-key cryptography to verify that the client's
certificate and public key are valid and have been signed by a trusted CA that
is known to the server application.
- An encrypted TLS connection requires all information
sent between the client and server applications to be encrypted. The
sending application is responsible for encrypting the data and the receiving
application is responsible for decrypting the data. In addition to encrypting
the data, TLS provides message integrity, a means to determine whether the
data has been tampered with since it was sent by the partner
application.
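
The following is an added example, not part of the SDS documentation or product code. It uses Python's standard ssl module to show how each side of a connection can enforce the properties listed above, and how to check a context for them; the function names and certificate file parameters are hypothetical, and it assumes a deployment where the server requires client certificates.

```python
import ssl

def client_context(ca_file=None, cert_file=None, key_file=None):
    """Client side: authenticate the server; optionally present a client certificate."""
    # create_default_context() enables CERT_REQUIRED and hostname checking.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if cert_file:  # needed only when the server performs TLS client authentication
        ctx.load_cert_chain(cert_file, key_file)
    return ctx

def server_context(cert_file=None, key_file=None, client_ca_file=None):
    """Server side: require a client certificate signed by a CA the server trusts."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED  # handshake fails without a valid client cert
    if client_ca_file:
        ctx.load_verify_locations(cafile=client_ca_file)
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)
    return ctx

def weak_client_context():
    """Constructed misconfiguration for the audit to detect: encryption without authentication."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # has to be cleared before CERT_NONE is accepted
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def audit(ctx, role):
    """Return a list of findings for a context; role is 'client' or 'server'."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not required")
    if role == "client" and not ctx.check_hostname:
        findings.append("server hostname not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions below TLS 1.2 allowed")
    return findings

if __name__ == "__main__":
    for name, ctx, role in [("client", client_context(), "client"),
                            ("server", server_context(), "server"),
                            ("weak client", weak_client_context(), "client")]:
        print(name, audit(ctx, role) or "ok")
```

A context that skips certificate verification still encrypts traffic, but the client can no longer confirm which server it is talking to.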
Depending on whether the SOAP server is configured to
operate in secure or unsecure mode, provisioning clients connect to the
SOAP server TCP/TLS listening port using secure or unsecure connections.
This functionality is configured using the SDS GUI. See the
SDS Online Help for more information.
Note:
A TLS connection is slower than an unsecure TCP/IP
connection because of the work required to provide adequate security.