Scenario
How do I configure a Linux and Windows remote location in HVR so that username and password passed over the network is encrypted?
In certain situations, it becomes important to secure a remote location's username and password passed over the network. Typically in financial departments organizations are required to protect this information.
Overview
In this example, we will see how to create a remote location in HVR to encrypt the username and passwords.
Pre-requisites
- We are using the default key pairs provided by hvr
- Location for oracle on Linux is already created
- Location for SQL Server on Windows is already created
- Channel chn1 is already created
Steps
Setup HVR on remote location to expect an encrypted connection.
A) If remote location is Linux, follow the below steps
- In the remote Linux machine open the file /etc/xinet.d/hvr to add argument –Khvr to server_args command as shown below.
server_args = -r –Khvr
- Save this file
- Start hvrremotelistener by running the below command in the command line
$ hvrremotelistener -N -d -Khvr 4343
B) If remote Location is Windows, we need to create and run hvr remote listener service that requires SSL encryption for incoming connections
- Open HVR GUI in the remote windows machine and right-click on localhost to create HVR Remote listener on this machine
- Click on HVR Remote listener and if the listener is already running stop and destroy it so that we can create a new one with SSL encryption
- After click on create we will be see a pop up window to Create Windows Service. Check the box for Require SSL on incoming connections
- The default name for Local Certificate Pair is hvr.
- Then click on Create. this action will create the service
- Click on the Start button to start the service.
If you look in windows services you will see a service called HVR Remote Listener on port 4343 created and running.
- Next Step will be to add an action LocationProperties to the channel.
- Right-click on the channel chn1 and select New Action and then LocationProperties under that
- Check the box for SSLRemoteCertificate for Group * and in the empty place for SSLRemoteCertificate enter 'hvr'
- Click on ok to add this action to the channel
C) Perform HVR Initialize for this action to take effect.