Use Case Scenarios and Considerations

Topics:

HTTPS requires the creation and installation of signed certificates. For Omni-Gen applications, self-signed certificates are used. The steps are the same using a signed certificate from a Certificate Authority (CA). Depending on whether the individual applications run locally or on different machines, the certificate may need to be installed on one or more machines.

Basic Requirements

The following list describes the basic requirements for the use case scenarios and considerations.

  • All Omni-Gen applications use the omnigenstore keystore, which is created by the installation software.
  • Omni-Gen applications that need to communicate with HTTPS-enabled applications use the ibi-certs truststore.
  • The keystore, pem, and truststore files are in the OmniGenData directory.

Installing the Application on a Single Host

All applications are running on a single host. The following image shows the workflow example behind the application running on Machine A.

The following list describes how the application is installed on a single host.

  • The installation process captures the installation type (single host and multiple hosts), along with the fully qualified host names.
  • It collects the locations of the keystore and truststore.
  • By default, the cert directory is the OmniGenData directory.
  • Installation software creates the omnigenstore keystore, omnigenstore cert file, and the ibi-certs truststore in the cert directory.
  • If multiple certificates need to be included, separate truststores are used. This is handled by the installation software.
  • The fully qualified host name is used when accessing each web service.

Deploying on Multiple Hosts

Applications must be run on different hosts. In the following example, Tomcat is running on Machine B while the Omni-Gen Server and the other applications are running on Machine A.

The following list describes how the application is deployed on multiple hosts.

  • The installation process captures the installation type (single host and multiple hosts), along with the fully qualified host names.
  • It collects the locations of the keystore and truststore.
  • By default, the cert directory is the OmniGenData directory.
  • Installation software creates the omnigenstore keystore, omnigenstore cert file, and the ibi-cert truststore in the cert directory on Machine A.
  • Installation software remote copies the certificate files to the cert directory on Machine B and creates the required truststore locally (on Machine B).
  • The invoker software that starts up the application references the local truststore.
  • The fully qualified host name is used when accessing web services.

The same model is followed for any other variations.