For secure communication between the CoreOne Web Services and the end devices, an SSL certificate that matches the CoreOne Web Services is required. That is, the Subject Alternative Name of the certificate must match the web URL.
If the CoreOne Web Services and the CoreOne Application Services are installed on the same system, the same certificate can be used.
Introduction
The CoreOne Suite consists of multiple distributed services. Certificates are used for communication between the services, for communication with the end user, and for signing items such as tokens. Whenever you plan to deploy a new service or a new installation, you need to have the certificates ready. This page gives an overview of the requirements.
For each connection between the CoreOne Application Services and the CoreOne System Connectors / CoreOne Secure Router, a separate certificate is required per server, which supports “Server Authentication” and “Client Authentication”. In addition, the corresponding public certificate must be available on the other side.
For a full overview of all communication channels, ports and more, see the page Connectivity (Network ports, protocols and certificates).
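One way to check an installed certificate against the requirements above (the Subject Alternative Name covers the service host name; Server Authentication and Client Authentication are allowed usages), as an added PowerShell example that is not part of the CoreOne documentation or product. The function names, parameters and the `Cert:\LocalMachine\My` store path are assumptions; the host name in the usage comment is the sample value from this page.

```powershell
# Added example; function names and parameters are illustrative, not part of CoreOne.
function Test-DnsNameMatch([string]$Pattern, [string]$HostName) {
    if ($Pattern.StartsWith('*.')) {
        # A wildcard covers exactly one left-most label: *.customer.net matches
        # iam.customer.net but neither customer.net nor a.b.customer.net.
        $dot = $HostName.IndexOf('.')
        return (($dot -gt 0) -and ($HostName.Substring($dot) -ieq $Pattern.Substring(1)))
    }
    return ($Pattern -ieq $HostName)
}

function Test-ServiceCertificate {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [Parameter(Mandatory)][string]$HostName,
        [switch]$RequireClientAuth   # set for internal service-to-service certificates
    )
    $problems = @()
    # Subject Alternative Name (OID 2.5.29.17). Format() prints "DNS Name=..." on
    # Windows and "DNS:..." with OpenSSL; the label text can vary with the OS language.
    $san = $Certificate.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    $dnsNames = @()
    if ($san) {
        $dnsNames = @([regex]::Matches($san.Format($false), 'DNS[^=:,]*[=:]\s*([^,\s]+)') |
            ForEach-Object { $_.Groups[1].Value })
    }
    if (-not ($dnsNames | Where-Object { Test-DnsNameMatch $_ $HostName })) {
        $problems += "SAN does not cover $HostName (found: $($dnsNames -join ', '))"
    }
    # Enhanced Key Usage: an absent extension places no restriction on usage.
    $required = @{ '1.3.6.1.5.5.7.3.1' = 'Server Authentication' }
    if ($RequireClientAuth) { $required['1.3.6.1.5.5.7.3.2'] = 'Client Authentication' }
    $eku = $Certificate.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
    if ($eku) {
        $present = @($eku.EnhancedKeyUsages | ForEach-Object { $_.Value })
        foreach ($oid in $required.Keys) {
            if ($present -notcontains $oid) { $problems += "EKU is missing $($required[$oid])" }
        }
    }
    # The server's own certificate needs its private key and must be within its validity period.
    if (-not $Certificate.HasPrivateKey) { $problems += 'No private key available on this machine' }
    $now = Get-Date
    if ($now -lt $Certificate.NotBefore -or $now -gt $Certificate.NotAfter) { $problems += 'Outside validity period' }
    [pscustomobject]@{ Thumbprint = $Certificate.Thumbprint; Ok = ($problems.Count -eq 0); Problems = $problems }
}
# Usage (store path is an assumption):
# Get-ChildItem Cert:\LocalMachine\My | ForEach-Object { Test-ServiceCertificate -Certificate $_ -HostName 'iam-com.customer.net' -RequireClientAuth }
```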
Nb. | Communication FROM - TO | Public / Internal | Notes and Remarks |
---|---|---|---|
1 | COS-WEB <-> Device | Public | SSL Certificate for UI of Web-Services |
2 | COS-PORTAL <-> Device | Public | SSL Certificate for UI of SelfService Portal |
3 | COS-AUTH <-> Device | Public | SSL Certificate for OpenID and Authentication |
4 | COS Token Signing | Public | Certificate for Token signing |
5 | COS-WEB <-> COS-APP | Internal | SSL Certificate for Communication of APP-Services |
6 | COS-APP <-> COS-RT | Internal | SSL Certificate for Communication of RT-Services |
7 | COS-RT <-> COS-SC | Internal | SSL Certificate for Communication of SC-Services |
8 | COS-WFE <-> COS-APP | Internal | SSL Certificate for Communication of Workflow S. |
9 | COS-WFE <-> COS-AUTH | Internal | SSL Certificate for Communication of Workflow S. |
Here is an example of generally needed certificates:
URL | Service | Certificate | Subject Alternative Name |
---|---|---|---|
| | CoreOne Web Services | CoreOne Web Services | net or *.customer.net |
| | CoreOne Authentication Services | CoreOne Authentication Services | net or *.customer.net |
| | CoreOne API | CoreOne API | net or *.customer.net |
| | CoreOne Self Service Portal | CoreOne Self Service Portal |
COS WEB <-> COS APP
Internal certificate
IAM.Genreal
...
COS WEB <-> Device (SSL certificate for UI)
...
COS Token Signing (for signing the tokens)
...
net or *.customer.net | |||
| | CoreOne Workflow Runner | CoreOne Workflow Runner | iam-wf.customer.net or *.customer.net |
COS WEB <-> COS APP |
...
COS APP <-> COS RT (internal communication)
...
COS RT <-> COS SC / COS RT (internal communication)
COS APP → COS RT → COS SC
...
Token Signing (Optional)
...
internal certificate | IAM.Genreal | iam-com.customer.net or *.customer.net |
Token Signing (Optional)
A certificate whose private key can be exported is required for token signing.