65.9K
CodeProject is changing. Read more.
Home

HTTPs using BizTalk 2009 HTTP adapter on Windows 2008 R2

Ahmed Kahwaji
emptyStarIconemptyStarIconemptyStarIconemptyStarIconemptyStarIcon

0/5 (0 vote)

Jun 24, 2010

CPOL
viewsIcon

28582

Use HTTPs in BizTalk 2009 on Windows 2008 R2

To configure BizTalk 2009 HTTP sending adapter to use HTTPs under Windows 2008 R2, please follow the steps given below:

  1. Certificates:
    1. Install the server certificate under the below certificate stores:
      1. BizTalk host user (Current User)
        1. Personal
        2. Trusted Root Certificate Authorities
      2. Local Machine user
        1. Personal
        2. Trusted Root Certificate Authorities
        3. Other People
    2. Install the server root path certificates under the below certificate stores:
      1. BizTalk host user (Current User)
        1. Trusted Root Certificate Authorities
      2. Local Machine user
        1. Trusted Root Certificate Authorities
image001.gif
  1. Fill the “SSL client certificate thumbprint” property of the HTTP adapter send port, with the server certificate thumbprint:
image002.gif
  1. Use the URL https://DestinationServer:1234/Service in the URI property of the HTTP adapter send port:
image003.gif
  1. Map the IssuedToName with the IP in the HOSTS file under “C:\Windows\System32\drivers\etc”:
image004.gif
  1. Disable the using of TLS 1.0 and SSL 2.0, and enable SSL 3.0 from registries:
    • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols]
    • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0]
    • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
      • "DisabledByDefault"=dword:00000001
      • "Enabled"=dword:00000000
    • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0]
    • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client]
      • "Enabled"=dword:ffffffff
    • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server]
      • "Enabled"=dword:ffffffff
    • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]
    • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
      • "Enabled"=dword:00000000
    • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
      • "Enabled"=dword:ffffffff
image005.jpg

References