Configure a WS client to access an HTTPS server

Configuration steps to access a server in HTTPS.

To configure access to an HTTPS server, you need a client certificate.

Important: On GMI mobile devices the iOS SSL/TLS layer is used for HTTPS, and the device Keychain® typically holds the server certificate authority list. Therefore, the FGLPROFILE file security settings are ignored with the exception of the following: security.global.ca, security.global.ca.lookuppath, and security.global.systemca.
Before you begin, there are options to consider depending on how you wish to use the client certificate:
  • If you do not have the certificate information in your FGLPROFILE file, Genero Web Services creates a certificate for you. This is an implicit or temporary certificate that is valid for a session only. For more information see HTTPS configuration.
    Note: For the implicit certificate, no configuration is required.
  • Alternatively, for stronger security, you generate a client certificate of your own, configure your application to use the client certificate generated, and add the configuration details to the FGLPROFILE file. Follow the steps outlined in this section.
    Note: In a production environment, some servers provide a client certificate and you use the certificate as provided, and add the configuration details to the FGLPROFILE file.
The openssl command line tool can be used to create your own certificates for the configuration of secured communication. The following steps outline the configuration process: