Hi All,
how to re-generate a certificate for ucf to work in proxy settings for https
~msk
Hello Msk,
I apologize for the delayed response. I was OOO for last 3 weeks and saw your question today morning.
I would need some details to answer your question precisely. What is the exact network configuration you have in your setup? Are you using one-way or two-way SSL? I would need this information to help you better as there are few configuration options in UCF that will need to be set as per your requirement.
Currently I am assuming that you have a proxy server sitting in front of your appserver and you want to use one-way SSL, where your server certificate will be validated by the client. If you want to use this mode of communication and the requirement is complete validation of certificate then you will have to import the concerned certificate in the keystore of client machine. The UCF client should know the path of this certificate and for the same "ucf.client.config.xml" should be modified with the correct path. You can refer to WDK development guide for details on exact parameters. Please let me know if you face any difficulties with the same.
If you do not want your server certificate to be validated entirely by the client then you can also turn-off the validation by setting "https.host.validation" to false in the "ucf.client.config.xml" file. Please note that turning-off this parameter will still enforce a verification of hostname as stopping the same will be a serious security breach.
Thanks,
Priyank
