After securing the transport layer with SSL as described in the previous sections, we can use this secure layer to transmit XML data between servers without sending clear text. The issue is that the data is only secure in transit between the server and the client. A malicious user could still create a fraudulent transaction and deliver it to your servers.
What is needed is an encrypted and signed payload. By encrypting and signing the payload we can guarantee the Confidentiality, Integrity, Authenticity, Identity and Non-repudiation of the payload.
This section requires the following items to start. These topics are covered in previous sections of this publication.
A private key (as cln-prvkey.pem).
A signed public certificate (as cln-pubcert.pem).
A published public certificate.
Your partner’s public certificate (as vdr-pubcert.pem).
The following sections will guide you through creating a “limited use symmetric passphrase”, sending the key to your partner, and finally using it for the transmission of secure XML transactions.
Generate a limited use symmetric passphrase (as sym-key-$$.pem).
Use the symmetric passphrase to encrypt data.
Transfer the secure symmetric passphrase to your partner.
Retrieve the symmetric passphrase from the transfer.
Use the symmetric passphrase to decrypt data.
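
The five steps above as one openssl round trip, added here as an illustration and not taken from the original publication. The key pairs are throwaway ones generated on the spot; vdr-prvkey.pem, order.xml, the .enc/.sig file names and the cipher and padding choices are assumptions, while the other file names follow the list of required items.

```shell
#!/bin/sh
# Added example: throwaway key pairs are generated here. vdr-prvkey.pem, order.xml,
# the *.enc/*.sig names and the cipher/padding choices are assumptions.
make_pair() {  # $1 = private key file, $2 = self-signed certificate file
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=constructed-test" \
    -keyout "$1" -out "$2" 2>/dev/null
}

# Sender, steps 1-3: encrypt order.xml, sign the ciphertext, wrap the passphrase.
send_payload() {
  key="sym-key-$$.pem"
  openssl rand -base64 32 > "$key"                     # limited-use passphrase
  openssl enc -aes-256-cbc -pbkdf2 -salt -pass "file:$key" \
    -in order.xml -out order.xml.enc
  openssl dgst -sha256 -sign cln-prvkey.pem -out order.xml.enc.sig order.xml.enc
  openssl pkeyutl -encrypt -certin -inkey vdr-pubcert.pem \
    -pkeyopt rsa_padding_mode:oaep -in "$key" -out "$key.enc"
  rm -f "$key"                                         # only the wrapped copy travels
}

# Receiver, steps 4-5: verify the signature, unwrap the passphrase, decrypt.
receive_payload() {
  openssl x509 -in cln-pubcert.pem -pubkey -noout > cln-pubkey.pem
  openssl dgst -sha256 -verify cln-pubkey.pem -signature order.xml.enc.sig \
    order.xml.enc >/dev/null 2>&1 || return 1          # reject before decrypting
  openssl pkeyutl -decrypt -inkey vdr-prvkey.pem -pkeyopt rsa_padding_mode:oaep \
    -in "sym-key-$$.pem.enc" -out sym-key.out
  openssl enc -d -aes-256-cbc -pbkdf2 -pass file:sym-key.out \
    -in order.xml.enc -out order.out.xml
}

# Runs both sides in a scratch directory and prints "ok" or "rejected".
# $1 = "tamper" appends a byte to the ciphertext while it is in transit.
roundtrip() (
  set -e
  d=$(mktemp -d) && cd "$d"
  make_pair cln-prvkey.pem cln-pubcert.pem
  make_pair vdr-prvkey.pem vdr-pubcert.pem
  printf '<order id="1"><amount>100.00</amount></order>\n' > order.xml  # constructed
  send_payload
  if [ "$1" = tamper ]; then printf 'X' >> order.xml.enc; fi
  if receive_payload && cmp -s order.xml order.out.xml; then r=ok; else r=rejected; fi
  cd / && rm -rf "$d"; echo "$r"
)

roundtrip
roundtrip tamper
```

The receiver checks the signature over the ciphertext before decrypting, so a payload altered in transit is rejected without the CBC decryptor ever processing it.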