Page tree
Skip to end of metadata
Go to start of metadata

Since FIX Antenna C++/.NET version 2.13.0 and FIXEdge version 5.9.0 SSL built-in support has been introduced. Refer to How to configure built-in SSL support for FIX session in FIXEdge for details. However, you can continue use stunnel with accordance to the current article if you wish.


Simple configuration FIXEdge -> Stunnel -> (VPN) -> SSL acceptor

Install stunnel

Download latest version of installer from https://www.stunnel.org/downloads.html

Run installer and answer questions to generate certificate.

Configure stunnel

Initiator FIX session

  1. Run stunnel GUI Start from Start menuRun  
  2. Edit stunnel.conf from stunnel system tray icon context menu
    1. Add option 
      protocol = proxy
    2. Comment example SSL services
    3. Add SSL service
      [fix_initiator_session1_tunnel]
      client = yes
      accept  = 127.0.0.1:443
      connect = x.x.x.x:443
  3. Run Reload stunnel.conf from stunnel system tray icon context menu

Configure fix session

  1. Open FIXEdge.properties to specify Initiator FIX session parameters:

    Initiator FIX session

    FIXEdge.properties
    FixLayer.FixEngine.Session.SSLInitiator.Role = Initiator
    FixLayer.FixEngine.Session.SSLInitiator.Host = 127.0.0.1
    FixLayer.FixEngine.Session.SSLInitiator.Port = 443
  2. Connect to VPN (if necessary; if not, just skip this step);

  3. Start FIXEdge.

Complex configuration: Broker/Stock -> Broker's/Stock's Stunnel -> FIXEdge's Stunnel -> FIXEdge -> FIXEdge's Stunnel -> Broker's/Stock's Stunnel -> Broker/Stock

Server F (FIXEDGE):  y.y.y.y where FIXEdge is installed

Server B (BROKER):  x.x.x.x where SimpleClient #1 and SimpleClient #2 are installed. SimpleClient #1 will simulate Broker and SimpleClient #2 will simulate StockExchange.

Server F (FIXEDGE) Configuration

FIXEdge.properties

# -----------------[ SC1 AS ACCEPTOR SEND MESSAGE TO SC2 ] ------------------
FixLayer.FixEngine.Session.FIXEDGE-SC1.Version = FIX44
FixLayer.FixEngine.Session.FIXEDGE-SC1.EncryptMethod = 0
FixLayer.FixEngine.Session.FIXEDGE-SC1.ForceSeqNumReset = 0
FixLayer.FixEngine.Session.FIXEDGE-SC1.IgnoreSeqNumTooLowAtLogon = false
FixLayer.FixEngine.Session.FIXEDGE-SC1.IntradayLogoutTolerance = false
FixLayer.FixEngine.Session.FIXEDGE-SC1.MaxMessagesAmountInBunch = 0
FixLayer.FixEngine.Session.FIXEDGE-SC1.RecreateOnLogout = false
FixLayer.FixEngine.Session.FIXEDGE-SC1.TerminateOnLogout = true
FixLayer.FixEngine.Session.FIXEDGE-SC1.RejectMessageWhileNoConnection = false
FixLayer.FixEngine.Session.FIXEDGE-SC1.Role = Acceptor
FixLayer.FixEngine.Session.FIXEDGE-SC1.SenderCompID = FIXEDGE
FixLayer.FixEngine.Session.FIXEDGE-SC1.SenderLocationID =
FixLayer.FixEngine.Session.FIXEDGE-SC1.SenderSubID =
FixLayer.FixEngine.Session.FIXEDGE-SC1.SocketPriority = EVEN
FixLayer.FixEngine.Session.FIXEDGE-SC1.SecurityGroups =
FixLayer.FixEngine.Session.FIXEDGE-SC1.StorageType = persistentmm
FixLayer.FixEngine.Session.FIXEDGE-SC1.TargetCompID = SC1
FixLayer.FixEngine.Session.FIXEDGE-SC1.TargetLocationID =
FixLayer.FixEngine.Session.FIXEDGE-SC1.TargetSubID =
FixLayer.FixEngine.Session.FIXEDGE-SC1.TcpBufferDisabled = false

# ----------------- [SC2 AS  INITIATOR RECEIVED MESSAGES SENT FROM  SC1] ----------
FixLayer.FixEngine.Session.FIXEDGE-SC2.Version = FIX44
FixLayer.FixEngine.Session.FIXEDGE-SC2.EncryptMethod = 0
FixLayer.FixEngine.Session.FIXEDGE-SC2.ForceReconnect = false
FixLayer.FixEngine.Session.FIXEDGE-SC2.ForceSeqNumReset = 0
FixLayer.FixEngine.Session.FIXEDGE-SC2.HBI = 30
FixLayer.FixEngine.Session.FIXEDGE-SC2.Host = 127.0.0.1
FixLayer.FixEngine.Session.FIXEDGE-SC2.IgnoreSeqNumTooLowAtLogon = false
FixLayer.FixEngine.Session.FIXEDGE-SC2.IntradayLogoutTolerance = false
FixLayer.FixEngine.Session.FIXEDGE-SC2.MaxMessagesAmountInBunch = 0
FixLayer.FixEngine.Session.FIXEDGE-SC2.Port = 444
FixLayer.FixEngine.Session.FIXEDGE-SC2.RecreateOnLogout = false
FixLayer.FixEngine.Session.FIXEDGE-SC2.TerminateOnLogout = true
FixLayer.FixEngine.Session.FIXEDGE-SC2.RejectMessageWhileNoConnection = false
FixLayer.FixEngine.Session.FIXEDGE-SC2.Role = Initiator
FixLayer.FixEngine.Session.FIXEDGE-SC2.SenderCompID = FIXEDGE
FixLayer.FixEngine.Session.FIXEDGE-SC2.SenderLocationID =
FixLayer.FixEngine.Session.FIXEDGE-SC2.SenderSubID =
FixLayer.FixEngine.Session.FIXEDGE-SC2.SocketPriority = EVEN
FixLayer.FixEngine.Session.FIXEDGE-SC2.SecurityGroups =
FixLayer.FixEngine.Session.FIXEDGE-SC2.StorageType = persistentmm
FixLayer.FixEngine.Session.FIXEDGE-SC2.TargetCompID = SC2
FixLayer.FixEngine.Session.FIXEDGE-SC2.TargetLocationID =
FixLayer.FixEngine.Session.FIXEDGE-SC2.TargetSubID =
FixLayer.FixEngine.Session.FIXEDGE-SC2.TcpBufferDisabled = false

BL_Config.xml

<Rule>
	<Source Name="FIXEDGE-SC1"/>
    <Action>
    	<Send Name="FIXEDGE-SC2" />
	</Action>
</Rule>

<Rule>
	<Source Name="FIXEDGE-SC2"/>
    <Action>
    	<Send Name="FIXEDGE-SC1" />
    </Action>
</Rule>

stunnel.conf

[ToStockExchange]
protocol = proxy
client = yes
accept  = 127.0.0.1:444
connect = x.x.x.x:443
 
[FromBroker]
protocol = proxy
accept  = y.y.y.y:443
connect = 127.0.0.1:8901

Server B (BROKER) Configuration

stunnel.conf

[FromBrokerToFIXEdge]
protocol = proxy
client = yes
accept  = 127.0.0.1:444
connect = y.y.y.y:443

[FromFIXEdgeToStockExchange]
protocol = proxy
accept  = x.x.x.x:443
connect = 127.0.0.1:9106

SimpleClient #1 conf

SenderCompID = SC1
TargetCompID = FIXEDGE
Remote host = 127.0.0.1
Remote port = 444

Set ListenPort in engine.properties to 9107 (ListenPort = 9107)

SimpleClient #2 conf

Set ListenPort in engine.properties to 9106 (ListenPort = 9106)

How to use

  1. Start SimpleClient #2
  2. Start FIXEdge - session between FIXEdge and SimpleClient #2 (SC2) should be established
  3. Start SimpleClient #1 (SC1) and establish session with FIXEdge using parameters from point 3
  4. Send application level messages from SimpleClient #1 - message will be routed to SimpleClient #2
  5. Send application level messages from SimpleClient #2 - message will be routed to SimpleClient #1

 

  • No labels