|
|
|
|
Secure Socket Layer (SSL) for InForm Adapter
Configure your environment so that the InForm Adapter feature server is hosted behind a firewall with an appliance such as an F5 load balancer for handling HTTPS and converting to HTTP.
The InForm Adapter web services allow for SSL setup so data that is transported between the client and web services is encrypted (if the InForm Adapter feature server is not behind an F5 and is accessed directly).
Clients calling the InForm Adapter web service should be configured to send data over SSL using TLS 1.2.
Depending on the client applications you are running, secure the corresponding web services as follows:
- If you are using CIS, secure the Transaction Adapter and Central Admin web services by running WebConfigFileSelector F5Cert. For this, you must upload an X.509 digital certificate from the CIS system to the personal certificate store on the InForm Adapter machine.
- If you are using Central Coding, secure the Adapter Admin WCF web service by running WebConfigFileSelector F5Cert. For this, you must upload an X.509 digital certificate from the Central Coding system to the personal certificate store on the InForm Adapter machine.
You can also secure the Coding and Enhanced Discrepancy web services using digital certificates as described above or you can configure them to use username/password authentication over HTTPS by running WebConfigFileSelector F5. For this, the authentication user account must be active in the InForm study and the username and password must be stored in the Central Coding system. Change passwords on a regular basis to ensure security.
- If you are using ODM, secure the ODM web service by running WebConfigFileSelector F5Cert. For this, you must upload an X509 digital certificate from your ODM client application to the personal certificate store on the InForm Adapter application server.
Follow the best practices for configuring IIS. For more information, see the documentation available on the Microsoft TechNet website.
