
Certificates for WCF SOAP with Transport Encryption

AnasIqbal
Level 2

Hello Guys,

I am trying to set up Blue Prism components (App Server, Runtime Resource & Interactive Client) but I am stuck with some questions. I have a requirement to set up with the WCF SOAP with Transport Encryption (TLS 1.2) connection mode, and the following are my questions in this regard:

  • What type of certificates would be required on App Server?
  • Would the certificates be installed on App Server as well as Runtime Resource & Interactive client?
  • If certificates need to be installed on all components, would they all be of the same type?

Any suggestion/ guidance would be highly appreciated.

3 REPLIES 3

JohnCowell
Staff
Hi Anas, I realise this is an old post but did you manage to find answers to your questions? If not, it may be worth raising a ticket with Support if you cannot find the information you need from existing resources and documents on the Portal.

Best regards,
John Cowell
Blue Prism Product Support
John Cowell Senior Software Support Analyst Blue Prism

RyanAndrews
Staff
Hi Anas,

In order to implement a certificate for WCF SOAP with Transport Encryption, on an environment with only a single application server and no load balancer, the TLS certificate needs to meet the following requirements:
  • Be trusted by the connecting runtime resources and interactive clients
  • Configured with a common name the same as the FQDN of the application server
  • Configured with the Server authentication enhanced key usage
  • Installed only on the application server.
For a more scalable architecture you may consider using a load balancer in front of the application server(s). In this case the common name should be configured with the load balancer's VIP FQDN and the same certificate will be applied on all application servers.

You may also elect to encrypt inbound instructional communication to runtime resources as well as exposed web services. For further information refer to the following document on our portal: https://portal.blueprism.com/system/files/documents/v6.3%20Data%20Sheet%20-%20Securing%20Network%20Connectivity.pdf

Kind Regards,
Ryan Andrews
Blue Prism Platform Lead - APAC
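
Added example (not part of the reply above and not Blue Prism code): a PowerShell function that checks a certificate on the application server against the requirements listed in that reply. It assumes the certificate is in the `Cert:\LocalMachine\My` store; the function name, the thumbprint placeholder and the FQDN in the usage comment are hypothetical.

```powershell
# Added example: checks one certificate against the listed requirements.
# Assumed: the certificate is in Cert:\LocalMachine\My; caller supplies thumbprint and FQDN.
function Test-AppServerCertificate {
    param(
        [Parameter(Mandatory)] [string] $Thumbprint,
        [Parameter(Mandatory)] [string] $ExpectedFqdn  # server FQDN, or the load balancer VIP FQDN
    )
    # Strip spaces and hidden characters that come along when copying a thumbprint.
    $path = 'Cert:\LocalMachine\My\' + ($Thumbprint -replace '[^0-9A-Fa-f]', '')
    $cert = Get-Item -Path $path -ErrorAction Stop

    # SimpleName returns the CN when the subject has one.
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    $cn = $cert.GetNameInfo($nameType, $false)

    # Enhanced key usage OIDs; 1.3.6.1.5.5.7.3.1 is Server Authentication.
    $ekuOids = @($cert.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
        ForEach-Object { $_.EnhancedKeyUsages } |
        ForEach-Object { $_.Value })

    # Chain build against the trust stores of the machine this runs on.
    $chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
    $chainOk = $chain.Build($cert)

    [pscustomobject]@{
        Subject           = $cert.Subject
        CommonNameMatches = ($cn -eq $ExpectedFqdn)   # -eq is case-insensitive for strings
        ServerAuthEku     = ($ekuOids -contains '1.3.6.1.5.5.7.3.1')
        HasPrivateKey     = $cert.HasPrivateKey       # the server needs the private key
        WithinValidity    = ((Get-Date) -ge $cert.NotBefore -and (Get-Date) -le $cert.NotAfter)
        ChainTrustedHere  = $chainOk
        ChainStatus       = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
    }
}

# Constructed placeholder values; replace with your own.
# Test-AppServerCertificate -Thumbprint '<THUMBPRINT>' -ExpectedFqdn 'appserver.example.local'
```

`ChainTrustedHere` only reflects the machine the function runs on; the trust requirement applies to the runtime resources and interactive clients, so the chain has to validate there as well.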

EVIPUTI
MVP
  • WCF: SOAP with Transport Encryption & Windows Authentication
    • Requires trust relationship between devices: Yes
    • Blue Prism authentication modes: Blue Prism Native / Single Sign-on
    • Requires server-side certificate: Yes
    • Transport: SOAP over HTTPS

    The transport, including SOAP headers, is encrypted using certificate-based encryption. Client and server identity is validated via Windows/Active Directory.

  • WCF: SOAP with Transport Encryption
    • Requires trust relationship between devices: No
    • Blue Prism authentication modes: Blue Prism Native
    • Requires server-side certificate: Yes
    • Transport: SOAP over HTTPS

    The transport, including SOAP headers, is encrypted using certificate-based encryption. Server identity is validated using certificates.



For further info you should check this official doc: https://bpdocs.blueprism.com/bp-7-0/en-us/helpBPServer.htm

Vipul Tiwari
Senior Process Simplification Developer
Amazon