Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure Service integration > Secure service integration
Secure links between messaging engines
For a mixed-version bus, when security is enabled, define an inter-engine authentication alias so that the messaging engines can establish trust. Ensure that the user ID that you intend to use for the inter-engine authentication alias meets the following conditions:
- It exists in the user registry.
- It is used only for messaging engine to messaging engine authentication.
- It has not been added to the bus connector access role.
If we have a secure bus where all bus members are at v7.0 or later, trust between v7.0 or later messaging engines is established by using a Lightweight Third Party Authentication (LTPA) token, and you do not need to perform this task.
If we have a secure, mixed-version bus, define an inter-engine authentication alias to prevent unauthorized messaging engines from establishing a connection. Messaging engines use the inter-engine authentication alias to establish trust in the following scenarios:
- A WAS v6 messaging engine initiates a link with a v7.0 or later messaging engine.
- A v7.0 or later messaging engine initiates a link with a v6 messaging engine.
If you add a server or cluster as a bus member, if that action creates a mixed-version bus, you define an inter-engine authentication alias during that task, and you do not need to perform this task.
Procedure
- In the navigation pane, click Service integration -> Buses -> security_value . The bus security configuration panel for the corresponding bus is displayed.
- In the Inter-engine authentication alias field, select an authentication alias.
- Click OK.
- Save your changes to the master configuration.
Results
You have selected an inter-engine authentication alias for the bus to use in establishing trust between mixed-version messaging engines.
What to do next
If you require additional security, you can configure the SSL certificate stores to restrict objects that can make an SSL connection, and thereby connect to the bus. For more information see Create an SSL configuration.
Temporary bus destinations
Destination routing paths
Interconnected buses
Common issues with all bus configurations
Administer the bus connector role
Add a server as a new bus member
Add a cluster as a member of a bus