| Warning |
|---|
Since FIX Antenna C++/.NET version 2.13.0 and FIXEdge version, 5.9.0 SSL built-in support has been introduced. Refer to How to configure built-in SSL support for FIX session in FIXEdge for details. However, you can continue use stunnel with accordance to the current article if you wish. |
...
- Run stunnel GUI Start from Start menu Run
- Editstunnel.conf from stunnel system tray icon context menuAdd option
Code Block title stunnel. confprotocol = proxy - Comment example SSL services Add Add a new SSL service
- Reload stunnel.conf from stunnel system tray icon context menu
| Code Block | ||
|---|---|---|
| ||
[fix_initiator_session1_tunnel]
client = yes
accept = 127.0.0.1:443
connect = <counterparty_ip>:443 |
<counterparty_ip> - ip address of counterparty
...
Import the certificate to windows certificate with a certutil tool
Code Block certutil -addstore -user -f "My" <filename>.crt
Configure Windows Certificate store in Stunnel
Code Block title stunnel.conf engine = capi
and configure tunnel for the session requiring SSL Connection
Code Block title stunnel.conf [Exchange SSL connection] client = yes engineId = capi accept = 127.0.0.1:8443 connect = <exchange ip>:<exchange port>
<exchange ip> - Enchange connection IP
<exchange port> - Enchange connection portConfigure Initiator session in FIXEdge.properties
Code Block title FIXEdge.properties FixLayer.FixEngine.Session.EXCHANGE.Version = FIX44 FixLayer.FixEngine.Session.EXCHANGE.Role = Initiator FixLayer.FixEngine.Session.EXCHANGE.SenderCompID = FIXEDGE FixLayer.FixEngine.Session.EXCHANGE.TargetCompID = EXCHANGE FixLayer.FixEngine.Session.EXCHANGE.Host = 127.0.0.1 FixLayer.FixEngine.Session.EXCHANGE.Port = 8443 FixLayer.FixEngine.Session.EXCHANGE.HBI = 30 FixLayer.FixEngine.Session.EXCHANGE.RecreateOnLogout = true
...