Introduction
The CoreOne Suite consists of multiple distributed services. To communicate between the services and to the end-user and to sign various things like tokens, certificates are used. So whenever you are planning on distributing a new service or a new installation, you will need to have some certificates ready. This page gives you a
For each connection between the CoreOne Application Services and the CoreOne System Connectors / CoreOne Secure Router, a separate certificate is required per server, which supports “Server Authentication” and “Client Authentication”. In addition, the corresponding public certificate must be available on the other side.
As An example:
URL | Service | Certificate | Subject Alternativ Name |
---|---|---|---|
https://demo.itsense.ch | CoreOne Web Services | CoreOne Web Services | demo.itsense.ch oder *itsense.ch |
https://openid.itsense.ch | CoreOne Authentication Services | CoreOne Authentication Services | openid.itsense.ch oder *itsense.ch |
https://api.itsense.ch | CoreOne API | CoreOne API | api.itsense.ch oder *itsense.ch |
https://portal.itsense.ch | CoreOne Self Service Portal | CoreOne Self Service Portal | portal.itsense.ch oder *itsense.ch |
COS WEB < - > COS APP | internal certificate | IAM.Genreal |
...
COS WEB <- >Endgerät > End user device (SSL certificate for UI)
COS Token Signing (For signing the Tokens)
COS AUTH < - > Endgerät End user device(SSL certificate for OpenID)
COS WEB < - > COS APP (Internal communication)
COS APP < - > COS RT (Internal communication)
COS RT < - > COS SC / COS RT (Internal communication)
COS APP → COS RT → COS SC
...
Token Signing (Optional)
A certificate with which the private key can be exported is required for Token signing.