Notifications

16 views

Description

  1. By default, instance trusts the Certificate Authority (CA) for a certificate.
  2. This ensures the instance accepts self-issued certificates.
  3. If Instance does not need to trust all certificates by default, set the general security property 'com.glide.communications.trustmanager_trust_all' to false.
  4. But in the mid server properties file, it still shows as true (\installation dir\properties\glide.properties)





Release or Environment

  • All

Cause

  1. By default, the MID Server trusts all SSL certificates to support self-signed certificates.
  2. The property "com.glide.communications.trustmanager_trust_all" cannot be added to the MID Server Property (ecc_agent_property) directly.

Resolution

  1. To enable certificate validation, add the following line of code in the "glide.properties" file on the MID Server's installation directory, under the folder named properties.

    com.glide.communications.trustmanager_trust_all = false;

  2. Adding this line ensures that the MID Server validates the server certificate during the SSL handshake.
  3. This setting reduces the risk associated with any type of spoofing of the instance being connected to, IP layer spoofing, and Man In The Middle (MITM) attacks.
  4. Note: Adding this line of code requires a restart of the MID Server.

Additional Information

Useful docs:

Article Information

Last Updated:2020-09-29 23:48:46
Published:2020-09-30