Versions Compared

Old Version 31

changes.mady.by.user AntonA

Saved on

compared with

New Version Current

changes.mady.by.user Andrei Bakhteev

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Warning

Since FIX Antenna C++/.NET version 2.13.0 and FIXEdge version, 5.9.0 SSL built-in support has been introduced. Refer to How to configure built-in SSL support for FIX session sessions in FIXEdge for details. However, you can continue use stunnel with accordance to the current article if you wish.

...

  1. Run stunnel GUI Start from Start menu Run  

  2. Editstunnel.conf from stunnel system tray icon context menu. Add a new SSL service

    Code Block
    titlestunnel.conf
    [fix_initiator_session1_tunnel]
client = yes
accept  = 127.0.0.1:443
connect = <counterparty_ip>:443

    <counterparty_ip> - ip address of counterparty

  3. Reload stunnel.conf from stunnel system tray icon context menu

...

  1. Open FIXEdge.properties to specify Initiator FIX session parameters:

    Initiator FIX session

    Code Block
    title FIXEdge.properties
    FixLayer.FixEngine.Session.SSLInitiator.Role = Initiator
FixLayer.FixEngine.Session.SSLInitiator.Host = 127.0.0.1
FixLayer.FixEngine.Session.SSLInitiator.Port = 443
    Info

    See Additional properties for SSL configuration also

  2. Connect to VPN (if necessary; if not, just skip this step);

  3. Start FIXEdge.

Configuration example #2. FIXEdge is a proxy between 2 counterparties.

...

Code Block
languageperl
titleFIXEdge.properties
FixLayer.FixEngine.Sessions = EXCHANGE, CLIENT
# -----------------[ FIXEdge connects to EXCHANGE as Initiator ] ------------------
FixLayer.FixEngine.Session.EXCHANGE.Role = Initiator
FixLayer.FixEngine.Session.EXCHANGE.HBI = 30
FixLayer.FixEngine.Session.EXCHANGE.Host = 127.0.0.1
FixLayer.FixEngine.Session.EXCHANGE.Port = 444
FixLayer.FixEngine.Session.EXCHANGE.Version = FIX44
FixLayer.FixEngine.Session.EXCHANGE.SenderCompID = FIXEDGE
FixLayer.FixEngine.Session.EXCHANGE.TargetCompID = EXCHANGE
# ... the rest parameters for EXCHANGE

# ----------------- [ FIXEdge accepts connection from the CLIENT] ----------
FixLayer.FixEngine.Session.CLIENT.Role = Acceptor
FixLayer.FixEngine.Session.CLIENT.Version = FIX44
FixLayer.FixEngine.Session.CLIENT.SenderCompID = FIXEDGE
FixLayer.FixEngine.Session.CLIENT.TargetCompID = CLIENT
# ... the rest parameters for CLIENT


Info

See Additional properties for SSL configuration also

BL_Config.xml

Simple routing configuration

...

  1. Import the certificate to windows certificate with a certutil tool

    Code Block
    certutil -addstore -user -f "My" <filename>.crt

  2. Configure Windows Certificate store in Stunnel

    Code Block
    titlestunnel.conf
    engine = capi

    and configure tunnel for the session requiring SSL Connection

    Code Block
    titlestunnel.conf
    [Exchange SSL connection]
client = yes
engineId = capi
accept = 127.0.0.1:8443
connect = <exchange ip>:<exchange port>

    <exchange ip> - Enchange connection IP
    <exchange port> - Enchange connection port

  3. Configure Initiator session in FIXEdge.properties

    Code Block
    titleFIXEdge.properties
    FixLayer.FixEngine.Session.EXCHANGE.Version = FIX44
FixLayer.FixEngine.Session.EXCHANGE.Role = Initiator
FixLayer.FixEngine.Session.EXCHANGE.SenderCompID = FIXEDGE
FixLayer.FixEngine.Session.EXCHANGE.TargetCompID = EXCHANGE
FixLayer.FixEngine.Session.EXCHANGE.Host = 127.0.0.1
FixLayer.FixEngine.Session.EXCHANGE.Port = 8443
FixLayer.FixEngine.Session.EXCHANGE.HBI = 30
FixLayer.FixEngine.Session.EXCHANGE.RecreateOnLogout = true
    Info

    See Additional properties for SSL configuration also