Middleware Client Security Settings
- Last UpdatedMay 17, 2023
- 1 minute read
Starting with MES version 7.0, synchronous communications between the MES middleware and client components are encrypted by default. The following settings allow for disabling encryption.
Security Mode for HTTP Communication
The default and recommended setting is TRANSPORT for secure communication using HTTPS. Select NONE (not recommended) for unsecured communication using HTTP.
Security Mode for TCP Communication
The default and recommended setting is TRANSPORT for secure communication. Select NONE (not recommended) for unsecured communication.
Communications between the MES middleware and the middleware proxies on client nodes can use either HTTPS/HTTP or TCP. HTTPS/HTTP is typically used when the Middleware Server and client nodes are not located in the same building. TCP is typically used when the Middleware Server and client nodes are located in the same building. This selection is based on the middleware proxy's Protocol setting for the MES Middleware Proxy component in the post‑install Configurator.
Note: If the security mode for TCP is enabled and the user under which the middleware service is running is changed from a Windows service account to a domain user account, communication with that middleware service from client machines will fail. For secure TCP communication (i.e., Security Mode for TCP Communication set to TRANSPORT), the MES middleware service must run under a virtual service account. To avoid this condition, use either HTTP communication or, to continue using TCP, disable the TCP security mode and in the post-install Configurator reconfigure the MES Middleware Proxy component.