Article Katherine Reid · Jul 16, 2019 1m read Using the OS certificate store with TLS/SSL There's an easy new way to add certificate authority (CA) certificates to your SSL/TLS configurations on InterSystems IRIS 2019.1 (and 2018.1.2) on Windows and Mac. You can ask IRIS to use the operating system's certificate store by entering: %OSCertificateStore in the field for "File containing Trusted Certificate Authority X.509 certificate(s)". Here's an image of how to do this in the portal: #Best Practices #Security #SSL #Tips & Tricks #InterSystems IRIS 15 5 4 1.6K
Article Katherine Reid · Apr 24, 2019 5m read Using and debugging %Net.SSH.Session for SSH connections The %Net.SSH.Session class lets you connect to servers using SSH. It's most commonly used with SFTP, especially in the FTP inbound and outbound adaptors. In this article, I'm going to give a quick example of how to connect to an SSH server using the class, describe your options for authenticating, and how to debug when things go wrong. Here's an example of making the connection: #Best Practices #Debugging #FTP #Caché #Ensemble #InterSystems IRIS 11 4 1 6K
Article Katherine Reid · Nov 27, 2017 1m read Upgrading TLS configurations Caché will not change the cryptographic settings in an existing TLS configuration when you upgrade. This means that unless you've updated them yourself, you're still using the values from the very first version you started using SSL in. #SSL #Tips & Tricks #Caché 5 2 0 904
Article Katherine Reid · Dec 6, 2016 7m read Configuring Caché client applications for SSL/TLS When using Studio, ODBC or a terminal connection to Caché or Ensemble, you may have wondered how to secure the connection. One option is to add TLS (aka SSL) to your connection. The Caché client applications - TELNET, ODBC and Studio - all understand how to add TLS to the connection. They just need to be configured to do it. Configuring these clients is easier in 2015.1 and later. I'm going to be discussing this new method. If you're already using the old, legacy method, it will continue to work, but I would recommend you consider switching to the new one. #Best Practices #Security #SSL #Caché 25 7 3 5.9K
Article Katherine Reid · Aug 26, 2016 2m read TLS v1.2 support in Caché Question:What version of Caché supports TLS v1.2? Answer:Caché 2015.2 announced support for TLS v1.1 and v1.2. In this version, the SSL/TLS configuration page provides checkboxes for TLS v1.1 and v1.2, which allows the versions to be configured individually. This allows sites to, for example, require TLS v1.2 only.Additionally, some earlier versions of Caché provide undocumented support for TLS v1.1 and v1.2, specifically Caché 2014.1.3 and above and 2015.1, on Windows, Linux and Unix. #Release #Security #SSL #Tips & Tricks #Caché 6 1 0 2.3K