The Secure Sockets Layer (SSL) protocol secures the communication that passes through the TREX Java client between the TREX components and the Java application using TREX (for example, SAP Enterprise Portal). The TREX servers communicate with each other using TREXNet, a special protocol developed for TREX-internal communication. Like HTTP, it is based on TCP/IP. You configure TREXNet for secure communication as well.
SSL with client authentication ensures:
Secure communication is based on the use of electronic certificates. A certificate contains the public key of the owner and information on the owner, for example, his or her name (common name), organizational unit, or e-mail address. Certificates are issued by a certification authority (CA) that confirms the identity of the certificate's owner. The public and private certificates of the certificate owner are kept in a keystore (Personal Security Environment or PSE) that is protected by a password.
The two communication partners can then encrypt their messages before sending them. Administrators provide the necessary certificates. They also configure the security settings for the components and modify security-relevant parameters in the TREX configuration files.
If you have distributed the TREX installation on several hosts, you have to carry out the configuration steps listed in this documentation on each separate host. The hosts have to authenticate themselves to each other in order to ensure secure communication. For detailed information about distributed installation of TREX, see SAP Service Marketplace at service.sap.com/instguidesNW70 → Installation Guide - SAP NetWeaver 7.0 Search and Classification (TREX) Multiple Hosts.
Secure Communication Areas
Secure communication between the TREX components and the application using TREX covers the following areas:
The graphic below gives an overview of the components involved and the communication methods used.