Altova FlowForce Server 2024 Advanced Edition

SSL (Secure Sockets Layer) is an encryption security protocol that encrypts data transmitted between a client and a server. In FlowForce Server, you can encrypt the following HTTP connections with SSL certificates:


The connection between a browser and FlowForce Web Server

The connection between a Web service consumer (e.g., a client application) and the FlowForce Server service

The internal connection between FlowForce Web Server and FlowForce Server


For the first two connections, you need an SSL certificate and a private key corresponding to that certificate. For security reasons, you might want to use a separate SSL certificate and private key for each connection. If you want to use the same certificate and private key for both connections, this requires that both FlowForce Server and FlowForce Web Server have the same fully qualified domain name (FQDN). For example, if FlowForce Web Server listens on https://somehost:8083, then FlowForce Server should listen on https://somehost:4647. Note that you can always change the port later; only the host name is important in this case.


For the last connection, there is no need for a third certificate and private key pair—you can use the same SSL certificate as for FlowForce Server. In this case, FlowForce Web Server acts as an HTTP client for FlowForce Server.


FlowForce Server Advanced Edition

If you use FlowForce for exchanging AS2 data, you can also use SSL certificates to sign or encrypt data as part of the AS2 service (see AS2 Integration).


SSL encryption precedures

If you need to encrypt communications with the SSL protocol, follow the instructions below. In this example, we have used the open-source OpenSSL toolkit to set up SSL encryption. The steps listed below, therefore, need to be carried out on a computer on which OpenSSL is available. OpenSSL typically comes pre-installed on most Linux distributions and on macOS machines. It can also be installed on Windows computers. For download links to installer binaries, see the OpenSSL Wiki.


1.Generate a private key

2.Create a Certificate Signing Request (CSR)

3.Buy an SSL certificate

4.Receive the public key from CA

5.Save the public key to a file

6.Save CA's intermediate certificates to a file

7.Enable SSL for FlowForce Server/Web Server

8.Test SSL communication


© 2018-2024 Altova GmbH