ScenariosAdded by IBM on October 5, 2011 | Version 1 (Original)
|There are three primary scenarios for how to configure and use an SSL connection.
There are three primary scenarios for how to configure and use an SSL connection.
- Using server authentication
- Using mutual authentication
- Using no authentication at all
The term authentication
relates specifically to the authentication of the client and server to establish an encrypted network connection. Do not confuse it with the authentication feature of the micro broker, which is used to determine whether a particular client is who they claim to be and whether they are allowed to make use of a broker's facilities, such as to publish or subscribe to topics. For more information on this type of authentication, refer to Configuring micro broker authentication
Server authenticationParent topic: Configuring micro broker encryption
Server authentication is where network traffic is encrypted. When a client connects to the server, the client verifies the identity of the server. When using this mode, a client can be sure that it is talking to a trusted server, but the server does not know the identity of the client.
Mutual authentication is where network traffic is encrypted and is similar to server authentication. The server also authenticates the identity of the client, so that both parties know who they are communicating with.
Using no authentication at all
Using no authentication is where network traffic is encrypted, but no authentication is performed. This mode is easier to configure, but it is vulnerable to man-in-the-middle attacks, as neither the client or the server knows the identity of the other party. This mode is inherently less secure than the other methods, and it is not recommended for production use.