We've already mentioned certificates and CryptoAPI, also shortened to CAPI. Now, it is time to take a closer look at both and see what they mean for a BizTalk application. Certificates are used to authenticate a user and/or the data he or she is sending, the encoding of data ensuring its originality and proof of not being tampered with, and encryption of data sent by a user, preventing others from reading the original data.You have probably seen the use of certificates in applications such as Outlook and Internet Explorer; however, the Encrypting File System (EFS) and IPSec are using certificates to encrypt files on disk. The applications all need to have access to the certificates that are reside in certificate stores that are system or user related. In fact, when configuring messaging ports and/or channels, using the BizTalk Messaging Manager, you can select certificates for subsequent inbound and outbound messaging. When you built a XLANG schedule engine or another COM+ application and need to securely exchange messages, make use of CryptoAPI to access a Certificate store, and use the certificates for authentication, encoding, and/or encryption purposes.
This chapter will not go into detail on how public-key encryption works. However, you can find more information on this subject in the Syngress book Configuring Windows 2000 Server, or go to www.microsoft.com/windows2000/ technologies/security.
Was this article helpful?