Securing and encrypting MID Server data

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 3분

    • After configuring your MID Server, you can add security by encrypting MID Server parameter values in the config.xml file. Encryption protects data that the MID Server returns to the ECC Queue. Other available security options include the authorization of SOAP requests, restricting access to the MID Server configuration file, and establishing secure socket layer (SSL) connections.

    Set-up indicator for security phaseEnsure that the MID Server can connect to elements inside and outside your networkDownload and install the MID Server on a Linux or Windows hostConfigure your MID ServerConfigure MID Server securityEnsure that the MID Server can connect to elements inside and outside your networkDownload and install the MID Server on a Linux or Windows hostConfigure your MID ServerConfigure MID Server security

    How MID Server password encryption works

    The username and password are initially set in the config.xml file on the MID Server. When the MID Server retrieves the credentials, it replaces the clear-text password with an encrypted password automatically, using an AES256 encryption algorithm. In continued efforts to improve MID Server security, the encryption algorithm has been enhanced. The MID Server also maintains an encryption key that is generated each time it starts and remains in memory and not on the hard disk. When credentials need to be sent from the instance to the MID Server, the following process takes place:
    1. The instance retrieves the encrypted password and the unencrypted username from the instance database table.
    2. The instance decrypts the encrypted password, and then re-encrypts it using the MID Server encryption key.
    3. The username and re-encrypted password are sent to the MID Server through the encrypted TLS session was already established between the MID server and the instance.
    4. The MID Server receives the credentials and decrypts the password in memory before using the credentials for remote operations. At no point is the credential password stored on the disk in an unencrypted format.