Skip to Main Content
Integration


This is an IBM Automation portal for Integration products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


Status Future consideration
Workspace App Connect
Created by Guest
Created on Apr 18, 2012

Create a means for WMB to check certificate revocation

We are using Broker with a SOAP Input node which is configured to use HTTPS, with clientAuth set to true.
As well as checking the client certificate we also need to check whether the client's certificate has been revoked i.e. whether it appears in a CRL (certificate Revocation List).
We came across some documentation about setting the Java properties com.ibm.jsse2.checkRevocation and com.ibm.security.enableCRLDP to enable CRL checking (See http://www.ibm.com/developerworks/java/jdk/security/50/secguides/jsse2Docs/JSSE2RefGuide.html) and have tried this with Broker. This worked, and checked CRLs, but only when the Broker acts as a client, such as when using the TFIM STS interface. But it didn't work when the Broker acts as a server, as in receiving a request at a SOAP Input node.

Idea priority High
RFE ID 21614
RFE URL
RFE Product IBM App Connect Enterprise (formerly IBM Integration Bus)
  • Guest
    Reply
    |
    Jan 11, 2021

    RFE Review. Apologies for the length of time this request has been in Uncommitted Candidate status. Despite not having received votes over its lifespan, we still feel this RFE would bring good long term value to our users so we will continue to monitor. The technology base in ACEv11 for our HTTPListener capabilities (used by HTTPInput nodes, RESTInput nodes and SOAPInput nodes) is now a C-based rather than a Tomcat implementation in ACEv11 which would impact the implementation of this feature and hence perhaps some of the product externals should it be prioritised in future. Status remains as uncommitted candidate.

  • Guest
    Reply
    |
    Oct 7, 2015

    Due to processing by IBM, this request was reassigned to have the following updated attributes:
    Brand - WebSphere
    Product family - Integration
    Product - IBM Integration Bus (WebSphere Message Broker) - IIB

    For recording keeping, the previous attributes were:
    Brand - WebSphere
    Product family - Connectivity and Integration
    Product - IBM Integration Bus (WebSphere Message Broker) - IIB

  • Guest
    Reply
    |
    Jul 2, 2012

    Thanks for raising this requirement, and also for the feedback from your investigations thus far. This would be a good enhancement to the HTTP/SOAPInput nodes, and would nicely help the broker's ability to create secure environments. We'll look at this as part of our next tranche of security features.