Configure a WS client to access an HTTPS server

Configuration steps to access a server in HTTPS.

To configure access to an HTTPS server, you need a client certificate.

Before you begin, there are options to consider depending on how you wish to use the client certificate:
  • If you do not have the certificate information in your FGLPROFILE file, Genero Web Services creates a certificate for you. This is an implicit or temporary certificate that is valid for a session only. For more information, go to HTTPS configuration.

    For the implicit certificate, no configuration is required.

  • Alternatively, for stronger security, you generate a client certificate of your own — a self-signed certificate, configure your application to use the certificate generated, and add the configuration details to the FGLPROFILE file. Follow the steps outlined in this section.
    Important:

    In a production environment, it is not recommended to use self-signed certificates.

    In a production environment, some servers provide a client certificate and you use the certificate as provided, and add the configuration details to the FGLPROFILE file.

    Most servers do not check the identity of the clients. For these servers, the client's certificate does not necessarily need to be trusted; it is only used for data encryption purpose. If, however, the server performs client identification, you must trust a Certificate Authority in which it has total confidence concerning the validity of the client's certificates.

To generate a self-signed X.509 certificate, go to Certificates in practice.

Once you have created a certificate, follow the three steps in this section to configure the FGLPROFILE security entries used by the client's Genero Web Services during HTTPS communication.