Configuring the Web Gateway to Connect to InterSystems IRIS Using TLS
You can use TLS to set up a secure, encrypted channel between the Web Gateway and the InterSystems IRIS® data platform server. To do this, you need a TLS certificate and private key that represents the Gateway. The Gateway can then establish an encrypted connection to the InterSystems IRIS server (which has its own certificate and private key), so that all information is transmitted through the connection.
For information on setting up a connection between the Web Gateway and the InterSystems IRIS server that is protected by Kerberos, see Setting Up a Kerberized Connection from the Web Gateway to InterSystems IRIS.
The procedure is:
If there is not already a %SuperServer TLS configuration associated with the InterSystems IRIS server, create one as described in Create or Edit a TLS ConfigurationOpens in a new tab.
On the Portal’s System-wide Security Parameters page (System Administration > Security > System Security > System-wide Security Parameters), for the Superserver SSL/TLS Support choice, select Enabled (not Required).
Go to the Web Gateway’s Server Access page (System Administration > Configuration > Web Gateway Management).
On that page, under Configuration, select Server Access.
Next, select Edit Server and click Submit. This displays the configuration page for the Web Gateway.
On this page, configure the Web Gateway to use TLS. Specifically, for the Connection Security Level field, select SSL/TLS.
You must also specify values for the SSL/TLS Protocol, SSL/TLS Key Type, Require peer certificate verification, SSL/TLS Certificate File, SSL/TLS Private Key File, SSL/TLS CA Certificate File, and SSL/TLS Private Key Password fields. For more details on the fields on this page, see the Configuring Server Access section of “Web Gateway Operation and Configuration”.