1 ECHO SSL Ordering With ECHO 9.0 Dan Pilone. 2 Agenda Introduction SSL Ordering Overview Order...
-
Upload
daniella-thompson -
Category
Documents
-
view
213 -
download
0
Transcript of 1 ECHO SSL Ordering With ECHO 9.0 Dan Pilone. 2 Agenda Introduction SSL Ordering Overview Order...
1
ECHOSSL Ordering With ECHO 9.0
Dan Pilone
2
Agenda
• Introduction• SSL Ordering Overview • Order Fulfillment Features• Provider Requirements• Configuring ECHO for SSL
connections• Questions
Introduction
3
Client to ECHO connection via HTTP or HTTPS (SSL)
ECHO to Provider Order Fulfillment API via HTTPS (SSL)
• SSL provides strong encryption of data coming into ECHO and being transmitted to providers
• SSL is only available with the ECHO 9 Order Fulfillment API
• This presentation focuses on communications from ECHO to the Data Providers
ECHO 9.0
SSL Ordering Overview
4
ECHO 9 Data ProviderSSL Certificate
ECHO Operations
SSL Encrypted Ordering
• All orders are transmitted via SSL• Any changes to the certificate
requires another Operations approval
5
Order Fulfillment API Features
• Data Providers can now require ECHO to transmit orders via an SSL encrypted channel
• The SSL encryption is requested by setting your public SSL certificate with your provider policies– ECHO accepts self-signed as well as Certificate Authority
signed certificates– As a security measure, ECHO Operations must approve and
enable your SSL request
• Once SSL is enabled ECHO will only make SSL connections to your endpoint. ECHO will refuse to send orders to anything other than HTTPS
Provider Requirements
• Be sure you’re using the ECHO 9 Order Fulfillment API
• Purchase or create an SSL certificate for your webserver (JBoss, Tomcat, etc.)– Java’s keystore, the OpenSSL toolkit, or Microsoft’s
Certificate Wizard can be used to create a Certificate Authority Certificate Request or a self signed certificate. See the respective tool for more details.
• Configure your webserver to accept SSL connections
• Expose your SSL port outside any firewalls
6
Configuring ECHO for SSL
• Set your public SSLinformation and SSLendpoint URL in yourprovider policies using PUMP
• Save your policies• Email ECHO
Operations to notifythem of the update
• Operations will contact you to confirm your information then activate your certificate
• Once confirmed, Operations will enable SSL encryption for all orders to your system
7
ECHO Architecture Overview
8
ECHO Client 1 (e.g. WIST)
ODL Provider (ECHO Order Adapters)ECHO 9.0
ECHO Client 2
HTTP
HTTPS Order Fulfillment API
Order Fulfillment API (SSL)
Questions
9