List of connections and known limitations
The table below lists all iWD component connections and their types.
Please refer to the eServices Integrated Capture Points Guide for information about configuring secure Capture Point connections. See the following topics:
Configuring secure connections between Interaction Server and the JMS Event Logger is done in the same way as described here:
For TLS support of other Genesys components that iWD depends on, see the following topic:
Connections
| iWD Component | Connection Type | Role | Connections | TLS Mode | Comments |
|---|---|---|---|---|---|
| iWD Manager | PSDK | Client | Configuration Server | mutual | The Configuration Server auto-upgrade port should be used for TLS. |
| PSDK | Client | Interaction Server | mutual | ||
| PSDK | Client | UCS | mutual | ||
| PSDK | Client | Message Server | mutual | ||
| REST | Client | History Node | mutual | ||
| REST | Server | Web browser or custom desktops | mutual | ||
| iWD Data Mart | |||||
| PSDK | Client | Configuration Server | mutual | The Configuration Server auto-upgrade port should be used for TLS. | |
| JDBC | Client | iWD Data Mart database | tls | Configured via URL or JVM options or combination depending on database JDBC driver. | |
| JDBC | Client | ConfigServer database | tls | Configured via URL or JVM options or combination depending on database JDBC driver. | |
| REST | Client | iWD History Node | mutual | ||
| REST | Server | iWD Plug-in for GAX | mutual | ||
| LCA | no | LCA and product should be located on the same host, so TLS is not required. | |||
| PSDK | Server | Message Server | mutual | Introduced in 9.0.005. | |
| iWD History Node | PSDK | Client | Configuration Server | mutual | The Configuration Server auto-upgrade port should be used for TLS. |
| JMS | Client | Interaction Server Event Log | mutual | ||
| Kafka | Client | Interaction Server Event Log | mutual | ||
| JDBC | Client | History Node database | tls | Configured via URL or JVM options or combination depending on database JDBC driver. | |
| REST | Server | iWD Data Mart and iWD Manager | mutual | ||
| PSDK | Server | Message Server | mutual | Introduced in 9.0.005. | |
| Stat Server Extensions | JDBC | Client | iWD Data Mart database | tls | Configured via URL or JVM options or combination depending on database JDBC driver. |
| iWD GAX Plugin | JDBC | Client | Interaction Server DB | tls | Configured via URL or JVM options or combination depending on database JDBC driver. |
| REST | Client | iWD Data Mart | mutual | ||
| iWD Web | REST | Server | Web browser | mutual | |
| PSDK | Client | Configuration Server | mutual | The Configuration Server auto-upgrade port should be used for TLS. | |
| PSDK | Client | Interaction Server | mutual | ||
| PSDK | Client | Message Server | mutual | ||
| REST | Client | WSCP | mutual |
Limitations
PEM and Windows (MSCAPI) certificates
iWD Manager, iWD Web, iWD Data Mart and iWD History Node REST APIs do not support PEM and Windows (MSCAPI) certificates. Data Mart and History Node are based on Dropwizard, which is Jetty-based. Dropwizard documentation refers to Jetty documentation which you can find at http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html.
Jetty does not support PEM files directly, so when you get PEM certificates, you need to pack them into a keystore/truststore. There's more information at http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#loading-keys-and-certificates
The iWD Manager and iWD Web REST server is based on Tomcat, which does not support PEM directly. There's more information at https://tomcat.apache.org/tomcat-8.5-doc/ssl-howto.html
Tomcat currently operates only on JKS, PKCS11 or PKCS12 format keystores.
iWD Stat Extensions has a limitation regarding TLS settings for JDBC connection. iWD Stat Extensions shares database settings with Data Mart. The Data Mart Stat Adapter job copies the JDBC URL from the Data Mart DAP to Stat Server options. So Stat Server must be configured in the same way as Data Mart.
- If Data Mart is set to use a TLS connection to the database via JVM arguments (the recommended way), then Stat Server must be provided with the corresponding JVM options and certificates.
- If Data Mart is set to use a TLS connection to the database via a JDBC URL which contains certificates and/or passwords, then Stat Server should be installed to the same host as Data Mart or use the same certificate paths and passwords.
iWD Manager and iWD Web client applications cannot be configured on HOST level
Client applications do not have a linked host value, so iWD cannot read host parameters while configuring such application connections. There are two client applications in iWD—iWD Manager and iWD Web— with connections to Configuration Server. These connections through the auto-upgrade port can be configured ONLY on the connection or the application level.
Mutual TLS for databases
Mutual TLS for databases is not supported.