Securing AAI: TLS and Kerberos

As a system administrator, you can configure the communication between the AAI server and its communication partners to protect the data flow between them, thus ensuring that data cannot be read or modified during transfer. This is often required in organizations since key process data is being transmitted from your workload schedulers to AAI either directly or through its components.

AAI uses TLS to ensure confidentiality, integrity and authenticity. The architecture consists of two-way certificate-based authentication over TLS 1.3.

This section describes how to configure the AAI Server and the Connectors to communicate with each other through HTTPS using two-way, certificate-based authentication over TLS 1.3.

This section includes the following pages:

• Configuring the AAI Server for TLS Authentication

• Configuring the Connectors for TLS Authentication

• Configuring TLS for the Webswing Server

• Configuring Kerberos Authentication

  • Using Kerberos Authentication with SQL Server

  • Using Kerberos Authentication with Oracle Database