Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

Encrypt/decrypt the connection between publisher and dispatcher

Avatar

Level 4
Level 4
6/30/22 9:21:27 PM

Hi Experts

There is a request to encrypt/decrypt the connection between the publisher and dispatcher.  We want all the data flow to encrypt i.e the flow from the publisher to dispatcher & author to publisher. 

 

Please advise achieving this?

 

Thanks in advance 

Nanda

Views

482

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 7
Level 7
6/30/22 10:20:45 PM

I think its better if you provide more information like whether you on on-prem, AMS or CS.

 

This seems to be a tedious job and I have not seen anyone doing this. What kind of security threat you are seeing?

In case of

  • On-Prem - You own both author & publisher. Then i dont think you need this as you habe full control of author/publisher which means you can control who can access your environments. And ideally you should have both author & publisher behind the fireball. I dont see a major issue here.
  • AMS/CS - Environment owned by Adobe and we have seen many banking customers, financial domains customer who are using this without demanding the need to encrpyt the data flow b/w author & publisher.

 

It better, if you once more why this is needed? Is this really posing a threat to your system or data?

View solution in original post

Views

475

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Level 7
Level 7
6/30/22 10:20:45 PM

I think its better if you provide more information like whether you on on-prem, AMS or CS.

 

This seems to be a tedious job and I have not seen anyone doing this. What kind of security threat you are seeing?

In case of

  • On-Prem - You own both author & publisher. Then i dont think you need this as you habe full control of author/publisher which means you can control who can access your environments. And ideally you should have both author & publisher behind the fireball. I dont see a major issue here.
  • AMS/CS - Environment owned by Adobe and we have seen many banking customers, financial domains customer who are using this without demanding the need to encrpyt the data flow b/w author & publisher.

 

It better, if you once more why this is needed? Is this really posing a threat to your system or data?

Views

476

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 4
Level 4
7/1/22 12:06:53 AM
In response to tusharbias

Thank you@tusharbias,  You are correct that this is not required as long as in on-prem. 

 

Our AEM is on-Prem and decided to move to the cloud, which is non-AMS. The recommendation from the cloud team is to encrypt/decrypt all the flows, which is why this request had raised. 

 

Is there any possibility to achieve this?

 

Thanks

Nanda

 

 

 

Views

463

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Replication Event Listener stopped working on AEMaaCS Publisher

Views

97

Likes

0

Replies

4
Serve Images in Next-Gen Format i.e in WebP and AVIF

Views

236

Likes

0

Replies

2
How to Implement OAuth 2.0 in AEM as the Client Application | AEMasCS

Views

117

Likes

0

Replies

2
Restrict ServerAlias domain in dispatcher based on environment

Views

83

Likes

0

Replies

1
When Asset expires, display the default image path

Views

103

Likes

0

Replies

2