The components that you need to configure secure sockets communication on
SPD Server are delivered when you install
SAS/SECURE Toolkit Libraries from RSA and
SAS/SECURE SSL software. These components are delivered as part of the SPD Server installation.
The
TLS configuration process is different for UNIX and Windows SPD Servers. To take advantage
of TLS on a UNIX SPD Server, you must set up digital certificates; add the certificates
to the trusted CA bundle
that is configured for you by the SAS Deployment Manager; and configure the locations
of the trusted CA bundle and TLS public and private keys on SPD Server. These items
are configured by adding TLS options to the server’s spdsserv.parm
parameter file.
For Windows, SPD Server uses the SChannel library that comes with the Windows operating
system. You must
decide whether you want to request a digital certificate from the Microsoft Certificate
Authority or request a digital certificate from a certificate authority that is not
Microsoft. Once you have decided which certificates to use, you must ensure that the
server certificate is in the server host’s Windows Certificate Store. You must also
configure the certificates with SSL options in the Windows server’s spdsserv.parm
server parameter file.
The process for setting
up digital certificates is described in detail for both UNIX and Windows
SAS servers in
Encryption in SAS. See “Part 2. Installing and Configuring TLS and Certificates”. Some of the configuration
options that are described in Part 1
of
Encryption in SAS do not apply to SPD Server. Use the information about SSL options for SPD Server
in this chapter to configure secure sockets communication
for SPD Server and its clients.