How to connect to CME Globex using Secure Logon API

Owned by AntonA (Unlicensed)
Last updated: Oct 07, 2021 by Artem Kleshchev (Unlicensed)

CME secure logon provides an ability to log on using SHA256 digital signature technique. This login feature has been introduced by CME and provides the highest security.

It needs to obtain a security keys file from CME (CME Request Center NR/Cert) in order to use it. Once it is available, FIX Antenna can be configured to use secure login for connecting to CME.

For connecting to EBS Globex Secure API the Session ID in the exported cmekeys.txt should be truncated to the first 3 characters.

For example, TSTEBSN should become TST.             

The session that connects using CME secure feature may be created in the code:

SessionParameters details = new SessionParameters();
details.setFixVersion(FIXVersion.FIX42);
details.setHost("localhost");
details.setHeartbeatInterval(30);
details.setPort(3000);
details.setSenderCompId("senderId");
details.setTargetCompId("targetId");
details.setSenderSubId("senderSubId");
details.setTargetSubId("targetSubId");
details.setSenderLocationId("senderLocationId");
//the following three parameters are required for the feature.
details.getConfiguration().setProperty(Configuration.INCLUDE_LAST_PROCESSED, "YES");
details.getConfiguration().setProperty(Configuration.CME_SECURE_KEYS_FILE, "cmeKeys.txt"); //Defines name of keys file. It should be located in classpath, root directory of running java application or home directory.
details.getConfiguration().setProperty(Configuration.LOGON_CUSTOMIZATION_STRATEGY, Configuration.CME_SECURE_LOGON_STRATEGY);

final FIXSession session = details.createNewFIXSession();
...
session.connect();
It can also be created using properties:
sessionIDs=client1

sessions.default.host=69.50.112.139
sessions.default.port=24920
sessions.default.fixVersion=FIX.4.2
sessions.default.heartbeatInterval=30
sessions.default.validation=false
sessions.default.storageFactory=com.epam.fixengine.storage.InMemoryStorageFactory
sessions.default.cmeSecureKeysFile=cmeKeys.txt
sessions.default.logonCustomizationStrategy=com.epam.fixengine.session.impl.CmeSecureLogonStrategy
sessions.default.includeLastProcessed=true

sessions.client1.senderCompID=U89004N
sessions.client1.targetCompID=CME
sessions.client1.targetSubID=G
sessions.client1.senderSubID=0J4L
sessions.client1.senderLocationID=US

and applied using the following code:

SessionParameters details = SessionParametersBuilder.buildSessionParameters("initiators.properties", "client1");

// create session we intend to work with
final FIXSession session = details.createInitiatorSession();
...
session.connect();


Note: tags SenderSubID, TargetSubID, SenderLocationID are required for the feature.

Available from: 2.19.0