SSL configuration

If "Use SSL" has been activated in the OData provider settings, access to the OData services is only possible via the HTTPS protocol. To enable SSL, the server requires an X.509 certificate that is stored along with a certificate from the Certificate Authority in a keystore. In order to test SSL, it is possible to create what is known as a self-signed certificate. A certificate from a Certificate Authority should be used for a live system as otherwise warnings will appear in the browser and OData clients will decline the SSL connection. The following section describes how to generate a self-signed certificate for testing purposes and store it in a keystore. You can find additional information on this topic, including how to import trustworthy certificates, here.

Creating a keystore with SSL certificate

Open a command window in Windows or a shell in Linux, then switch to the bin directory of your Java JDK installation (such as /jre/windows/amd64/bin). Then run the following command:

$ keytool -keystore /path/to/keystore.ks -alias odata -genkey -keyalg RSA
Enter keystore password:  password
What is your first and last name?   
[Unknown]: odata.intrexx.com 
What is the name of your organizational unit?   
[Unknown]: OData 
What is the name of your organization?   
[Unknown]: Intrexx GmbH 
What is the name of your City or Locality?   
[Unknown]:  
What is the name of your State or Province?   
[Unknown]: 
What is the two-letter country code for this unit?   
[Unknown]: 
Is CN=odata.intrexx.com, OU=OData, O=Intrexx GmbH, 
L=Unknown, ST=Unknown, C=Unknown correct?   
[no]:  yes

Enter key password for <odata>

The program now requests a password for the keystore and information about the server certificate. When asked for the first and last name, enter the same host name of the OData server as was defined in the service endpoint URL.

More information

General

System requirements

Consume data

Provide data

Integration in applications

Use in processes

Expert settings

Appendix