Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The CoreOne Suite consists of multiple distributed services. To communicate between the services and to the end-user and to sign various things like tokens, certificates are used. So whenever you are planning on distributing a new service or a new installation, you will need to have some certificates ready. This page gives you a an overview on the requirements.

For each connection between the CoreOne Application Services and the CoreOne System Connectors / CoreOne Secure Router, a separate certificate is required per server, which supports “Server Authentication” and “Client Authentication”. In addition, the corresponding public certificate must be available on the other side.An example

...

URL

...

Service

...

Certificate

...

Subject Alternativ Name

...

https://iam.customer.net

...

CoreOne Web Services

...

CoreOne Web Services

...

iam.customer.net or *.customer.net

...

https://auth.customer.net

...

CoreOne Authentication Services

...

CoreOne Authentication Services

...

auth.customer.net or *.customer.net

...

https://iam-api.customer.net

...

CoreOne API

...

CoreOne API

...

iam-api.customer.net or *.customer.net

...

https://myaccount.customer.net

...

CoreOne Self Service Portal

...

CoreOne Self Service Portal

...

myaccount.customer.net or *.customer.net

...

https://iam-wf.customer.net

...

CoreOne Worklfow Runner

...

CoreOne Worklfow Runner

...

iam-wf.customer.net or *.customer.net

...

COS WEB < - > COS APP

...

internal certificate

...

IAM.Genreal

...

iam-com.customer.net or *.customer.net

...

A full overview of all communication channels, ports and more check the page Connectivity (Network ports, protocols and certificates)

Nb.

Communication FROM - TO

Public / Internal

Notes and Remarks

1

COS-WEB <-> Device

Public

SSL Certificate for UI of Web-Services

2

COS-PORTAL <-> Device

Public

SSL Certificate for UI of SelfService Portal

3

COS-AUTH <-> Device

Public

SSL Certificate for OpenID and Authentication

4

COS Token Signing

Public

Certificate for Token signing

5

COS-WEB <-> COS-APP

Internal

SSL Certificate for Communcation of APP-Services

6

COS-APP <-> COS-RT

Internal

SSL Certificate for Communcation of RT-Services

7

COS-RT <-> COS-SC

Internal

SSL Certificate for Communcation of SC-Services

8

COS-WFE <-> COS-APP

Internal

SSL Certificate for Communcation of Workflow S.

9

COS-WFE <-> COS-AUTH

Internal

SSL Certificate for Communcation of Workflow S.

https://lucid.app/lucidchart/00160333-04a9-4d01-b436-7100d5f1fd6f/view?page=0_0&invitationId=inv_97d54472-2c7d-48b0-8ab6-00aa34c50b2c#

Here is an example of generally needed certificates

URL

Service

Certificate

Subject Alternativ Name

https://iam.customer.net

CoreOne Web Services

CoreOne Web Services

iam.customer.net or *.customer.net

https://auth.customer.net

CoreOne Authentication Services

CoreOne Authentication Services

auth.customer.net or *.customer.net

https://iam-api.customer.net

CoreOne API

CoreOne API

iam-api.customer.net or *.customer.net

https://myaccount.customer.net

CoreOne Self Service Portal

CoreOne Self Service Portal

myaccount.customer.net or *.customer.net

https://iam-wf.customer.net

CoreOne Worklfow Runner

CoreOne Worklfow Runner

iam-wf.customer.net or *.customer.net

COS WEB < - > COS APP

internal certificate

IAM.Genreal

iam-com.customer.net or *.customer.net

Token Signing (Optional) 

...