Encrypted web service requests
For Nexus Card SDK 5.5 and later, see Set up SSL connection to Card SDK by uploading PKCS#12 file instead.
If your application and the Card SDK runs on the same machine there is no need for a secure channel between them. However, the requirement for a secure channel may change when your application and the Card SDK runs on separate machines. The typical use case is a separate PC for production. For
this purpose, the Card SDK uses HTTP Secure (HTTPS) which combines HTTP on top of the SSL/TLS layer. It is the straightforward approach for a secure channel of the used SOAP and REST web service.
In this article we distinguish between:
- An only encrypted communication, here named SSL with unidirectional authentication. This also implies server authentication to prevent the problem of man-in-the-middle attacks which would impede the intention of an encrypted communication.
- An encrypted communication that uses client authentication in addition, here named SSL with mutual authentication.
The Card SDK offers both features. However, the typically used way is only encrypted communication (SSL with unidirectional authentication). It depends on your requirements which feature to use.