+ Start a Discussion
AndreyVolAndreyVol 

Security Certificate for using Outbound Messaging with API 8.0

Hello,

I looking for some clarification the following requirement listed in the API 8.0 guide for utilizing Outbound Messaging:

  • If you use SSL, you must use port 443, and you must have a real certificate. If you certificate expires, message delivery will fail.
I have the following environments:

Development:
Windows XP Professional with IIS 5.0.

Production:
Windows Server 2003, IIS 6.0

I am looking for guidance on how to set up the required certificate for both of the environments. Any advice or pointers to online resources in appreciated.






dapkusdapkus
We mean that you should have a certificate issued by a well-known Certificate Authority, such as Verisign or Thawte, and that the domain name in the common name (or CN) for the certificate should match the domain name of the outbound messaging endpoint you configure.


SimplySfdcSimplySfdc
If use http should be no problem, right?
benjasikbenjasik
http works fine, but we recommend https so your data is encrypted.
DevAngelDevAngel
Right.
webmwebm
How does client authentication for outbound messages work?  If the target for the outbound message requires client authentication using digital certificates or a digital signature, is there a way to configure a that as part of the SOAP request?
 
Is there a outbound message batching capability?
 
Also, can you provide the roadmap for outbound messaging (queuing, retry configurability enhancements)?
 
Thanks
dapkusdapkus
This isn't supported... yet. We're targetting support for client side SSL certificates for our Spring '07 release. With this enhancement, you'd be able to confiure your Outbound Messaging Endpoint to request/require the outbound salesforce.com connection to authenticate itself with an SSL client certificate. It relies purely on SSL's support for client certificates; no changes to SOAP messages required.

you can vote for this feature on the Idea Exchange:

http://ideas.salesforce.com/article/show/59860/SSL_Client_Certificates_for_Outbound_Messaging_and_Delegated_Authentication_Coming_in_Spring_07