TLS Connections for Uniface Servlets
The TLS connector supports encrypted network connections between the Uniface Router and Uniface servlets—the Web Request Dispatcher (WRD) and SOAP Request Dispatcher (SRD). The servlet acts as a TLS client, which means the certificate of the Uniface Router must be verified before the connection can be established.
TLS connections for the WRD and SRD use Java Secure Socket Extension (JSSE) to perform key exchange, certificate verification, encryption, and message authentication.
The following restrictions apply to WRD and SRD TLS connections,
- Only certificate-based authentication is supported. Pre-shared key (PSK) authentication is not supported.
- Client authentication is not supported.
- Peer name verification is not supported.
- The cipher list is not configurable and is fixed as the default cipher suites provided by JSSE, which is a part of Java Runtime Environment (JRE) 8.
Note: The Uniface Router must be configured to comply with these restrictions.
You can specify that TLS be used when connecting to the Uniface Router using the MIDDLEWARE parameter of the applicable servlet. For more information, see Configure a TLS Connection for a Uniface Servlet.