MID Server security considerations

Several options are available to enhance security on MID Servers, including credential and encryption security, the authorization of SOAP requests, and the establishment of secure socket layer (SSL) connections.

Encrypt MID Server login credentials

The MID Server login credentials appear in the config.xml file in clear text by default, but you can encrypt them. See Encrypt MID Server login credentials for instructions.

MID Server encryption keypairs

Automation credentials are secured by encrypting them in the instance with the MID Server’s trusted public key prior to transmission. When the MID Server is created, it generates a keypair, consisting of a public and private key. After the MID Server is validated, it can use the private key to decrypt automation credentials. You should occasionally rekey the MID Server to meet your organization's security requirements. See Rekey a MID Server for instructions.

SSL certificates

You can add certificates to the MID Server if you want communication to occur over SSL. You can add these certificates to the cacerts keystore file:

- Signing Certificate Authority (CA) certificate
- MID Server certificate

See Add SSL certificates for the MID Server for instructions.

Basic authentication credentials and SOAP requests

You can enforce basic authentication on each request. The MID Server is not able to communicate through a proxy server if the proxy server supports only NTLM authentication. You can use basic authentication with a proxy server or create an exception for the MID Server host.

Supplying basic authentication information, regardless of whether it is required, has an added advantage. The web service invocation creates or updates data using the supplied credentials. For example, when you create an incident record, the journal fields have the user ID of the basic authenticated user instead of the default Guest user. This behavior allows you to identify data added by a specific MID Server.
You can set basic authentication credentials for SOAP requests. See Use basic authentication credentials for a MID Server for instructions. Each SOAP request contains an Authorization header as specified in the Basic Authentication protocol.

Note: The setting for enforcing strict security controls how the instance uses the credentials you provide for the MID Server. When the setting is enabled, you must provide a user ID with access to the tables the MID Server is trying to access. When the setting is disabled, any valid user ID allows the MID Server to access all tables.

- Encrypt MID Server login credentials: The MID Server login credentials appear in the config.xml file in clear text. If access to the MID Server host machine is not secure, store the login credentials in this file in encrypted form.
- Rekey a MID Server: Rotate the MID Server keypairs, if necessary, to satisfy your organization's security requirements.
- Add SSL certificates for the MID Server: Configure the MID Server to connect over SSL.
- Use basic authentication credentials for a MID Server: You can enforce basic authentication on each request.
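
The Authorization header mentioned under "Basic authentication credentials and SOAP requests" only Base64-encodes the user ID and password, so anyone who can read a request can recover them; that is why basic authentication belongs on an SSL connection. The following Python sketch is an added example, not code from the product or its documentation; the endpoint URL, user ID, password and function names are constructed for illustration.

```python
from __future__ import annotations

import base64
import binascii
from urllib.parse import urlsplit


def basic_auth_header(user_id: str, password: str) -> str:
    """Build the Authorization header value defined by RFC 7617."""
    if ":" in user_id:
        # The first colon separates user-id from password.
        raise ValueError("user-id must not contain ':'")
    token = base64.b64encode(f"{user_id}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def decode_basic_auth(header_value: str) -> tuple[str, str]:
    """Recover (user_id, password) from a header value; no key is needed."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic" or not token:
        raise ValueError("not a Basic Authorization header")
    try:
        raw = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError) as exc:
        raise ValueError("malformed Basic credentials") from exc
    user_id, sep, password = raw.partition(":")
    if not sep:
        raise ValueError("missing ':' separator")
    return user_id, password


def soap_headers(endpoint: str, user_id: str, password: str) -> dict[str, str]:
    """Headers for a SOAP POST; refuses to attach credentials to a non-SSL URL."""
    if urlsplit(endpoint).scheme.lower() != "https":
        raise ValueError("refusing to send Basic credentials without SSL/TLS")
    return {
        "Content-Type": "text/xml; charset=utf-8",
        "Authorization": basic_auth_header(user_id, password),
    }


if __name__ == "__main__":
    # Constructed sample values, not real credentials or a real instance.
    headers = soap_headers("https://instance.example.invalid/soap-endpoint",
                           "mid.user", "s3cr:et")
    print(headers["Authorization"])
    print(decode_basic_auth(headers["Authorization"]))
```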