Test SSL Connections

On the HTTP Sender, Web Service Sender, and File Reader/Writer (FTP mode), you can test SSL connectivity using the appropriate connector service. For example, for the HTTP Sender connector, on an Edit Channel - Destinations page - HTTP Sender Settings section, select the Test Connection button.

Selecting the Test Connection button in the HTTP Sender Settings section

When connections are tested, several possible error messages could appear:

If the server presents certificates that are not trusted by the connector, a Warning window appears.
This Warning message says that, to proceed, you need to add the certificate in question to the list of trusted certificates. To do this:
- On the Channel list page, select the channel you'd like to edit.
- Select the Destination tab.
- On the Edit Channel page, SSL Settings section, select the Wrench icon.
- On the SSL Settings window - Trusted Server Certificates, select the Wrench icon.
- On the Trusted Certificates window, select the Import button.
  
  The Import Certificate window appears with the https:// field is pre-populated with the appropriate URL.
- Select Get Certificates to obtain the certificates for the appropriate URL. The certificates appear in the Certificates list.
- Select Import to open the Trusted Certificates window.
- On the Trusted Certificates window, select OK.
  
  Because you have edited the configuration, a Select an Option window appears, informing you of certain information concerning your changes.
- Select OK.
  
  The Trusted Certificates and Import Certificate windows close to reveal the SSL Settings window with the newly trusted values for Trusted Server Certificates.
- Select OK.
  
  On the Edit Channel page - Destination page - HTTP Sender Settings section, select the Test Connection button. Information on the window should indicate that the test succeeded.
- Select OK.
- A different Warning window appears if the SSL connection test fails due to an invalid hostname.
  
  To resolve this:
  - Correct your hostname. - OR -
  - Contact the server's manager and having them present a server certificate that includes the hostname you are using as a CN or SAN - OR -
  - Disable hostname verification on the SSL Settings window.

Note: Enabling hostname verification gives your SSL connection a higher level of security, which prevents certain types of "man-in-the-middle" attacks.

Test SSL Connections

When connections are tested, several possible error messages could appear:

If the server presents certificates that are not trusted by the connector, a Warning window appears.
This Warning message says that, to proceed, you need to add the certificate in question to the list of trusted certificates. To do this:
- On the Channel list page, select the channel you'd like to edit.
- Select the Destination tab.
- On the Edit Channel page, SSL Settings section, select the Wrench icon.
- On the SSL Settings window - Trusted Server Certificates, select the Wrench icon.
- On the Trusted Certificates window, select the Import button.
  
  The Import Certificate window appears with the https:// field is pre-populated with the appropriate URL.
- Select Get Certificates to obtain the certificates for the appropriate URL. The certificates appear in the Certificates list.
- Select Import to open the Trusted Certificates window.
- On the Trusted Certificates window, select OK.
  
  Because you have edited the configuration, a Select an Option window appears, informing you of certain information concerning your changes.
- Select OK.
  
  The Trusted Certificates and Import Certificate windows close to reveal the SSL Settings window with the newly trusted values for Trusted Server Certificates.
- Select OK.
  
  On the Edit Channel page - Destination page - HTTP Sender Settings section, select the Test Connection button. Information on the window should indicate that the test succeeded.
- Select OK.
- A different Warning window appears if the SSL connection test fails due to an invalid hostname.
  
  To resolve this:
  - Correct your hostname. - OR -
  - Contact the server's manager and having them present a server certificate that includes the hostname you are using as a CN or SAN - OR -
  - Disable hostname verification on the SSL Settings window.

Note: Enabling hostname verification gives your SSL connection a higher level of security, which prevents certain types of "man-in-the-middle" attacks.

Test SSL Connections

Recommendations

Apply Destination Connector SSL Settings

Trusted Server Certificates

Apply Source Connector SSL Settings

Trusted Client Certificates

Manage Certificates

Enable TLS Protocol

Test SSL Connections

Apply Destination Connector SSL Settings

Trusted Server Certificates

Apply Source Connector SSL Settings

Trusted Client Certificates

Manage Certificates

Enable TLS Protocol