Hello People,
One of my blog post i was writing about the issue i had with my xconnect and experience analytics not working
On the same line i had to troubleshoot and check xconnect certificate and thumbprint in config files, So i also discovered in this process that lot of people like me did not have exact idea about how xconnect and sitecore communicates and what is thumbprint and why it is used and where it is configured, So thought to do a quick blog post about it.
Communication between Sitecore and Xconnect
Everyone of us will need to work with xconnect directly or indirectly, so its better to understand how sitecore talks to xconnect.
xconnect (Definition)
xConnect is the service layer that sits in between the xDB and any trusted client, device, or interface that wants to read, write, or search xDB data. Communication must happen over HTTPS and clients must have the appropriate certificate thumbprint
Now my point of interest here is to tell you is how Sitecore and xconnect connects and what is the thumbprint for it and where it is configured.
So xconnect is the server where client connects, so here in our case sitecore is the client which connect to xconnect for its services like analytics and marketing automation features and services which are abstracted in xconnect.
Why xconnect certificate is used
It provides additional layer of scurity and It is considered secure than traditional user name and password to communicate and it is cryptographically secure way to have a communication between Sitecore & Xconnect.
Now if we observe the xconnect AppSettings.config file of xconnect role
This is thumbprint of the xconnect certificate, and this setting defines that what other roles should have which thumbprint, you can verify this thumbprint with the certificate thumbprint to make sure that which certificate is being used to communicate.One of my blog post i was writing about the issue i had with my xconnect and experience analytics not working
On the same line i had to troubleshoot and check xconnect certificate and thumbprint in config files, So i also discovered in this process that lot of people like me did not have exact idea about how xconnect and sitecore communicates and what is thumbprint and why it is used and where it is configured, So thought to do a quick blog post about it.
Communication between Sitecore and Xconnect
Everyone of us will need to work with xconnect directly or indirectly, so its better to understand how sitecore talks to xconnect.
xconnect (Definition)
xConnect is the service layer that sits in between the xDB and any trusted client, device, or interface that wants to read, write, or search xDB data. Communication must happen over HTTPS and clients must have the appropriate certificate thumbprint
Now my point of interest here is to tell you is how Sitecore and xconnect connects and what is the thumbprint for it and where it is configured.
So xconnect is the server where client connects, so here in our case sitecore is the client which connect to xconnect for its services like analytics and marketing automation features and services which are abstracted in xconnect.
Why xconnect certificate is used
It provides additional layer of scurity and It is considered secure than traditional user name and password to communicate and it is cryptographically secure way to have a communication between Sitecore & Xconnect.
Now if we observe the xconnect AppSettings.config file of xconnect role
- AllowInvalidClientCertificates
- ValidateCertificateThumbprint
As shown above, i have opened the xconnect certificate and see the thumbprint, so we can make sure that this is the certificate and the thumbprint should be used in all roles (if scaled environment)
- Thumbprint needed in what roles in scaled environments
So, hope above information helps to understand why xconnect is needed, where to find thumbprint, what if we do not have trusted certificate and what all roles will need the same thumbprint to connect with xconnect.
Comments
Post a Comment