Setting up SSL services

Before setting up SSL services on Replication Server, review the SSL Plus user documentation and documentation for any third-party SSL security software you are using.

StepsSetting up SSL services on Replication Server

The following steps are described in detail in the rest of this chapter.

  1. Add the SSL driver to the Open Client/Server™ driver configuration file.

  2. Modify the Open Client/Server trusted roots file to include trusted CA certificates.

  3. Obtain a certificate from a trusted Certificate Authority (CA) for each Replication Server accepting SSL connections.

  4. Create the identity file that concatenates a certificate and its private key.

  5. Use rs_init to enable SSL on Replication Server and to add an encrypted SSL password to the Replication Server configuration file.

    NoteYou can enable and disable SSL on Replication Server using configure replication server and the use_ssl option.

  6. Create an SSL entry in the Replication Server interfaces file, Windows Registry, or directory service.

  7. Restart Replication Server.