Preparing SSL Certificates for DCNs

DCN, which uses HTTP Basic authentication, uses a Base64-encoded username:password field that can be intercepted by network sniffers. Encrypt DCN communications and always use HTTPS to send DCNs. HTTPS requires the DCN sender import the Unwired Server certificate (or that of its CA signer) into its local equivalent of a truststore. If you are also configuring the HTTPS listener for mutual certificate authentication, then corresponding files need to be copied to the Unwired Server truststore.

In Sybase Control Center, configure DCN to use HTTPS by creating a security profile and enabling the HTTPS listener for DCN to use the security profile configured.

Creating and Importing Self-Signed Certificates in Development Environments
Use a self-signed certificate generated from the Java SDK keytool utility, andimports it into the Unwired Platform for DCN encryption testing.
Using Keytool to Generate Self-Signed Certificates and Keys
Whenever possible, use a PKI system and a trusted CA to generate production-ready certificates and keys that encrypt communication among different Unwired Platform components. You can then use keytool to import and export certificate to the platform's keystores and truststores. Otherwise, you can also use keytool to generate self-signed certificates and keys.

Parent topic: Securing Data Change Notifications

Next topic: Creating and Enabling a DCN Security Profile