Home
Administrator Guides
Administrator Guide
Administrator Guide
Implementation of one-way SSL
This section describes one-way SSL in Unica.
SSL in HCL Unica
Many application components can act as both server and client during normal operations, and some components are written in Java™ and some in C++. These facts determine the format of the certificates you use. You specify the format when you create a self-signed certificate or purchase one from a CA.

Administrator Guides
- Administrator Guide
  - Administrator Guide
    - Unica Platform features
      Unica Platform provides security, configuration, notification, and dashboard features for Unica products.
    - Licensing - overview
    - HCL Unica user account management
      You can manage the attributes of user accounts created using Unica Platform user interface, which we refer to as internal accounts. This is in contrast to external user accounts, which are imported from an external system such as an LDAP server or web access control system.
    - Security management
      Unica Platform supports roles and permissions to control user access to objects and features in Unica applications.
    - Configuration management
      When Unica is first installed, the Configuration page shows only the properties used to configure Unica Platform and some global configuration properties. When you install additional Unica applications, the properties used to configure these applications are registered with Unica Platform. These properties are then shown on the Configuration page, where you can set or modify their values.
    - Dashboard management
      Dashboards are configurable pages that contain information useful to groups of users who fill various roles within your company. The components that make up dashboards are called portlets. Dashboards can contain pre-defined portlets or portlets that you create.
    - The HCL Unica Scheduler
      The Unica Scheduler enables you to configure a process to run at intervals that you define.
    - SAML 2.0 based federated authentication
      Unica Platform implements a SAML 2.0 based Identity Provider (IdP) that enables a single sign-on federation among Unica products or between Unica products and third party applications.
    - SAML 2.0 single sign-on
      Unica Platform supports SAML 2.0 based single sign-on.
    - Single sign-on between HCL Unica and IBM Digital Analytics
      If your organization uses IBM Digital Analytics, you can enable single sign-on between Digital Analytics and Unica.
    - Integration between HCL Unica and Windows Active Directory
      Unica Platform can be configured to integrate with Windows™ Active Directory server or another LDAP (Lightweight Directory Access Protocol) server. By integrating Unica with a directory server, you can maintain users and groups in one centralized location. Integration provides a flexible model for extending the enterprise authorization policies into Unica applications. Integration reduces support costs and the time needed to deploy an application in production.
    - Integration between HCL Unica and LDAP servers
      Unica Platform can be configured to integrate with Windows™ Active Directory server or another LDAP (Lightweight Directory Access Protocol) server. By integrating Unica with a directory server, you can maintain users and groups in one centralized location. Integration provides a flexible model for extending the enterprise authorization policies into Unica applications. Integration reduces support costs and the time needed to deploy an application in production.
    - Integration with web access control platforms
      Organizations use web access control platforms to consolidate their security systems, which provide a portal that regulates user access to web sites. This section provides an overview of Unica integration with web access control platforms.
    - Alert and notification management
      Unica Platform provides support for system alerts and user notifications sent by Unica products.
    - Implementation of one-way SSL
      This section describes one-way SSL in Unica.
      - Overview of SSL certificates
        Read this section to understand SSL certificates in general.
      - Client and server roles in HCL Unica
        Unica application components can act as either the client or the server in a communication, depending on the situation.
      - SSL in HCL Unica
        Many application components can act as both server and client during normal operations, and some components are written in Java™ and some in C++. These facts determine the format of the certificates you use. You specify the format when you create a self-signed certificate or purchase one from a CA.
      - Configuration process roadmap: implementing SSL in HCL Unica
        Use this configuration process roadmap to scan the tasks required to implement SSL in Unica. The Topic column provides links to the topics that describe the tasks in detail.
      - Certificates for SSL
        This procedure describes how to create and configure your own certificates. Perform a similar procedure for every Unica you configure to use SSL. If you are configuring the Unica Campaign + Engage integration, see the Unica Campaign and Engage Integration Guide for IBM Marketing Cloud.
      - Configure your web application servers for SSL
        On every application server on which an Unica application is deployed, configure the web application server to use the certificates you have decided to employ.
      - Configure HCL HCL Unica for SSL
        To configure Unica applications to use SSL, you must set some configuration properties. Use the procedures in this section that are appropriate for your installation of Unica products and the communications that you want to secure using SSL.
      - Verifying your SSL configuration
        Follow this procedure to verify your SSL configuration.
      - Useful links for SSL
        These links provide more information on the tasks required to implement SSL in Unica.
      - Quality of protection settings for WebLogic
        You must set the QoP settings when you configure HCL Unica applications to use SSL.
      - Quality of protection settings for WebSphere
        You must set the QoP settings when you configure HCL Unica applications to use SSL.
    - Security framework for HCL Unica APIs
      Unica Platform provides the security framework for the APIs implemented by Unica products.
    - Data filter creation and management
      Data filters make it possible to restrict the customer data that an Unica user can view and work with in Unica applications. You can think of the data you secure with a data filter as a data set defined by the fields in your customer tables that you specify.
    - Audit event tracking in HCL Unica
      You can configure which audit events are tracked and assign a severity level to each tracked event.
    - The Unica Platform system log
      You should check the system log first if the Unica Platform application malfunctions. The system log is independent of the security audit information, which is stored in the system tables. While the system log tracks some of the same information contained in the security audit reports, it also contains information useful in troubleshooting Unica Platform.
    - Unica Platform utilities
      This section provides an overview of the Unica Platform utilities, including some details that apply to all the utilities and which are not included in the individual utility descriptions.
    - Unica Platform SQL scripts
      This section describes the SQL scripts provided with Unica Platform to perform various tasks relating to the Unica Platform system tables.
    - HCL Unica configuration properties
      This section describes the configuration properties found on the Settings & Configuration page.
    - Customization of stylesheets and images in the HCL Unica user interface
      You can customize the appearance of the user interface where most Unica product pages appear. By editing a cascading style sheet and providing your own graphics, you can change many of the images, fonts, and colors in the user interface.
- Configuration Properties Guide
- System Tables

SSL in Unica

Many application components can act as both server and client during normal operations, and some components are written in Java™ and some in C++. These facts determine the format of the certificates you use. You specify the format when you create a self-signed certificate or purchase one from a CA.

applications do not require a truststore when they act as a client making one-way SSL requests to an server component.

Java™ component acting as a server

For applications written in Java™, using the JSSE SSL implementation, and deployed on an application server, you must configure the application server to use your certificate. The certificate must be stored in JKS format.

You cannot use the default certificate provided with the application server.

You can create JKS certificates for your Java applications using Java keytool.

C++ component acting as a server

The Campaign listener, Optimize server component are written in C++, and require a certificate generated by OpenSSL.

Java™ component acting as a client

For applications written in Java™ and deployed on an application server, no truststore is needed. For ease of configuration, Java™ applications acting as a client do not authenticate the server during one-way SSL communications. However, encryption does take place.

C/C++ components acting as a client

For applications written in C/C++ and using the OpenSSL implementation, no truststore is required. The Campaign listener fall into this category.

How many certificates?

Ideally, you should use a different certificate for every machine that hosts an component acting as a server.

If you do not want to use multiple certificates, you can use the same certificate for all the components acting as servers. If you use one certificate for all applications, when users access applications for the first time, the browser asks whether they want to accept the certificate.

Have feedback?
Google Analytics is used to store comments and ratings. To provide a comment or rating for a topic, click Accept All Cookies or Allow All in Cookie Preferences in the footer of this page.