How to setup a custom certificate to work with inbound FIX:
SWITCH JAVA VERSION TO 11.0.12 !!!
Step 1: Generate the certificate
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out client.crt -keyout client.key
Step 2: Export certificate
openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12 -name client
Step 3: Import certificate to Keystore
keytool -importkeystore -alias client -srcstoretype PKCS12 -srckeystore client.p12 -destkeystore client.jks
Step 4: Mount the Keystore to the docker image
volumes:
- ./client_keystore/client.jks:/usr/local/algotrader/keystore/client.jks
Step 5: Configure the Keystore in the inbound fix settings
"fix.inbound.default.sslEnabled" : "Y",
"fix.inbound.default.sslKeyStore" : "/usr/local/algotrader/keystore/client.jks",
"fix.inbound.default.sslKeyStorePassword" : "password",
Step 6: Configure client sessions (NOTE: client.jks on client side should have the same certificate imported)
[default]
FileLogPath=log
FileLogHeartbeats=N
FileStorePath=files/fix/testclient
ConnectionType=initiator
TargetCompID=ALGOTRADER
SocketConnectHost=develop.algotrader.com
StartTime=00:00:00
EndTime=00:00:00
HeartBtInt=30
ReconnectInterval=5
UseDataDictionary=Y
DataDictionary=inboundfix/FIX44.xml
SLF4JLogHeartbeats=N
BeginString=FIX.4.4
SocketConnectPort=9880
SocketUseSSL=Y
SocketTrustStore=/path/to/client.jks
SocketTrustStorePassword=password
[session]
SenderCompID=COMP_ID_ORD
ResetOnLogon=N
RefreshOnLogon=Y
Username=API-KEY
Password=API-SECRET
[session]
SenderCompID=COMP_ID_MD
ResetOnLogon=Y
RefreshOnLogon=Y
Username=API-KEY
Password=API-SECRET
Comments
0 comments
Please sign in to leave a comment.