1
945

Written by

Evgeny Shvarov
Senior Startups and Community Programs Manager at InterSystems Corporation
STAFF
Follow
Question Evgeny Shvarov · May 5, 2019

How to Create SSL Configuration Programmatically?

#InterSystems IRIS #Deployment #SSL

Hi Community!

How do you create SSL Configuration for InterSystems IRIS programmatically? E.g. for installation or deployment case?

E.g. if I need to create a very simple "default" SSL client configuration to let HTPPS Get requests to an arbitrary server?

Discussion (5)2
Log in or sign up to continue

Comments

Yaron Munz · May 6, 2019

The class Security.SSLConfigs can give you an API to create SSL configurations.
Look at the "Create" classmethod. 

0
Evgeny Shvarov  May 20, 2019 to Dmitry Maslennikov

Thanks @Dmitry Maslennikov !

I'm looking for 'client' configuration. is this a case?

How "community.intersystems.com" as a name will work here?

0
Katherine Reid · May 6, 2019

As mentioned earlier, you can use the Security.SSLConfigs class.  You'll also want to think about how to deliver the CA certificate.  That's needed to verify you're connecting to the right server and not someone impersonating the server.   Possibly you could add it to your installer?

0
Dmitry Maslennikov  May 20, 2019 to Evgeny Shvarov

This is only example and yes, for client, where community.intersystems.com is a server for request to. To simplify I just create ssl config with server's name

0
Dmitry Maslennikov · May 20, 2019 
ClassMethod GetSSLConfiguration(host) As %String
{
  NEW $NAMESPACE
  SET $NAMESPACE = "%SYS"
  
  IF '##class(Security.SSLConfigs).Exists(host) {
    DO ##class(Security.SSLConfigs).Create(host)
  }
  QUIT host
}


Set tRequest = ##class(%Net.HttpRequest).%New()
Set tRequest.Server = "community.intersystems.com"
Set tRequest.Https = 1
Set tRequest.SSLConfiguration = ..GetSSLConfiguration(tRequest.Server)
....
0