Page tree
Skip to end of metadata
Go to start of metadata

Overview

This article describes how to configure SSL for FIX session.

Configuration is available for FIXEdge installations on both Windows and Linux starting from FIX Antenna C++/.NET version 2.13.0 and FIXEdge version 5.9.0.

Step-by-step guide

  1. Create self-signed SSL certificate via open SSL using the following instructions:

    openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -nodes -days XXX -keyout key.pem
  2. Copy created certificate to FIXEdge/FixEdge1/conf folder (or any other one);

  3. Add the following properties to your FIX session in FIXEdge.properties file pointing to certificate storage determined on previous step:

    FixLayer.FixEngine.Sessions = FIXSession
    FixLayer.FixEngine.Session.FIXSession.Version = FIX44
    FixLayer.FixEngine.Session.FIXSession.Role = Initiator
    FixLayer.FixEngine.Session.FIXSession.SenderCompID = SID
    FixLayer.FixEngine.Session.FIXSession.TargetCompID = TID
    FixLayer.FixEngine.Session.FIXSession.SenderSubID = SSUB
    FixLayer.FixEngine.Session.FIXSession.TargetSubID = TSUB
    FixLayer.FixEngine.Session.FIXSession.Host = *** remote host requiring SSL ****
    FixLayer.FixEngine.Session.FIXSession.Port = *** remote port ****
    FixLayer.FixEngine.Session.FIXSession.HBI = 10
    # Other session parameters are intentionally omited
    # **** SSL specific configuration *****
    FixLayer.FixEngine.Session.FIXSession.SSL = true 
    FixLayer.FixEngine.Session.FIXSession.SSLCheckPrivateKey = true
    # Path to SSL certificate 
    FixLayer.FixEngine.Session.FIXSession.SSLCertificate = C:/B2BITS/FIXEdge/FixEdge2/conf/cert.pem
    # Path to SSL private key. Parameter is optional. 
    # If it is omitted Engine tries to load private key from the same file as SSLCertificate parameter states. 
    FixLayer.FixEngine.Session.FIXSession.SSLPrivateKey = C:/B2BITS/FIXEdge/FixEdge2/conf/key.pem
    # SSL protocol(s) to be used (comma separated list). Supported valid values: SSLv2, SSLv3, TLSv1, TLSv1_1, TLSv1_2.
    FixLayer.FixEngine.Session.FIXSession.SSLProtocols = SSLv2, SSLv3, TLSv1, TLSv1_1, TLSv1_2 
  4. Start FixEdge.
  • No labels