CA Client Automation

Expand all | Collapse all

Securing ENC connections

Jump to Best Answer
  • 1.  Securing ENC connections

    Posted 06-23-2020 12:26 PM
    Hello Folks.

    Is it possible to protect, maybe with certificates the socket ports that we use and configured when implemented ENC?.

    For example, if we use socket port 5000, we would like to make it more secure because is exposed on internet.

    Thanks in advance.

    Regards.


  • 2.  RE: Securing ENC connections
    Best Answer

    Broadcom Employee
    Posted 06-24-2020 08:52 AM





  • 3.  RE: Securing ENC connections

    Posted 23 days ago
    Hi Steve, 

    Is there any way to get ENC tomcat working on https? We understand server and peers authentication using certificates, but client want to secure the url that is exposed to internet:

    http://myserver.mycompany.com/encServer/servlet/ClientServicesServlet

    to use:

    https://myserver.mycompany.com/encServer/servlet/ClientServicesServl

    We ran some test on controllated environment but when tomacat is configured to use a certificate we recieve this error on remote pcs:

    Retrieving status information from ENC Client...
    Unable to register with Gateway Server myserver.mycompany.com

    Thanks in advance.






  • 4.  RE: Securing ENC connections

    Broadcom Employee
    Posted 22 days ago

    Hi Allan,

     

    ENC can use SSL directly (port 443) and making changes to Tomcat is not required, and as you have found out will break it.

     

    Rgds,

    Steve

     

     

     






  • 5.  RE: Securing ENC connections

    Posted 21 days ago
    Hi Steve, thanks for answer

    Then the only way to secure ENC is certificate authentication between peers? Is there any known vulnerability that can be exploded over default ports (80 / 443)?

    We have been reading the green book but there is not information about this.

    We appreciate your help.


  • 6.  RE: Securing ENC connections

    Broadcom Employee
    Posted 21 days ago

    Hi Allan,

     

    ENC was added to Client Automation over 10 years ago and since then I have not heard of any known security vulnerability.

     

    Rgds,

    Steve.