Secure Connection Using TLS

The SOAP server supports secure connections between provisioning clients and the SOAP server using the Transport Layer Security (TLS) protocol.

TLS is an industry-standard protocol that clients use to establish secure, TCP-based network connections.

TLS capabilities address several fundamental concerns about communication over TCP/IP networks:
  • TLS server authentication allows a client application to confirm the identity of the server application. Through TLS, the client application uses standard public-key cryptography to verify that the server's certificate and public key are valid and have been signed by a trusted certificate authority (CA) that is known to the client application.
  • TLS client authentication allows a server application to confirm the identity of the client application. Through TLS, the server application uses standard public-key cryptography to verify that the client's certificate and public key are valid and have been signed by a trusted CA that is known to the server application.
  • An encrypted TLS connection requires all information sent between the client and server applications to be encrypted. The sending application is responsible for encrypting the data, and the receiving application is responsible for decrypting it. In addition to encrypting the data, TLS provides message integrity, a means to determine whether the data has been tampered with since it was sent by the partner application.
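
The three properties in the list above map onto client-side TLS settings. The following is an added example, not taken from the SDS documentation: it uses Python's standard ssl module to build a context for a provisioning client and to report which of those properties a given context fails to provide. The function names and the certificate file parameters are hypothetical.

```python
import ssl

def build_client_context(ca_file=None, client_cert=None, client_key=None):
    """TLS context for a provisioning client (all file paths are hypothetical)."""
    # Server authentication: validate the server's chain against trusted CAs
    # and match the certificate against the host name being contacted.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    # Encryption and integrity: refuse protocol versions older than TLS 1.2.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Client authentication: present a certificate signed by a CA the server trusts.
    if client_cert:
        ctx.load_cert_chain(certfile=client_cert, keyfile=client_key)
    return ctx

def audit_context(ctx, client_cert_loaded):
    """Return the properties from the list above that ctx does NOT provide.

    SSLContext does not expose whether a certificate chain was loaded,
    so the caller passes that fact in client_cert_loaded.
    """
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate is not verified")
    if not ctx.check_hostname:
        findings.append("server host name is not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions below TLS 1.2 are allowed")
    if not client_cert_loaded:
        findings.append("no client certificate is presented")
    return findings

def weakened_context():
    """A misconfigured context, constructed here only so it can be audited."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # must be cleared before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

if __name__ == "__main__":
    print(audit_context(build_client_context(), client_cert_loaded=False))
    print(audit_context(weakened_context(), client_cert_loaded=False))
```

A context that skips certificate verification still encrypts traffic, but the client can no longer confirm which server it is talking to, so the first property in the list is lost.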

Provisioning clients can connect to the SOAP server TCP/TLS listening port using unsecure or secure connections, depending on whether the SOAP server is configured to operate in unsecure or secure mode. This functionality is configured using the SDS GUI. See the SDS Online Help for more information.

Note:

A TLS connection is slower than an unsecure TCP/IP connection because of the overhead of providing adequate security.