XML QoS example for using RTI TLS Support to encrypt data
Note: The XML file attached to this solution works in RTI Connext DDS 5.0.0 or higher. Previous versions of RTI Connext DDS do not support merging of Participant properties in XML. To make this example work in pre-5.0.0 versions, copy the Participant properties from the base profile into the Publisher and Subscriber profiles.
By default, RTI Connext DDS uses the UDPv4 and Shared Memory transports to communicate with other DDS applications. In some circumstances, the TCP protocol might be needed for discovery and data exchange. For more information on the RTI TCP Transport, please refer to the section in the RTI Core Libraries and Utilities User Manual titled "RTI TCP Transport".
Additionally, in some circumstances you might need to encrypt the discovery and/or user traffic. This can be accomplished by using the RTI TLS libraries. For more information about the installation and licenses related to the RTI TLS Support libraries, please refer to the RTI_TLS_Support_InstallationGuide.pdf and RTI_TLS_Support_ReleaseNotes.pdf documents that are included in the downloadable package.
Included in the RTI Connext DDS installation bundle is an example in C of how to use the RTI TLS Support libraries. Attached to this solution is an example of a QoS XML file that can be used for an application in any supported programming language. You will need to use the files cacert.pem, peer1.pem and peer2.pem from the C example located in the folder:
[RTI Connext DDS install dir]\example\C\helloWorldTCP
Note: To generate your own certificates, please refer to the section titled Certificate Support in the RTI Core Libraries and Utilities User Manual.
You must ensure that the RTI Connext DDS libraries, RTI TCP transport library, RTI TLS Support library and the RTI openssl library are in the path in your environment.
To easily test this QoS XML file, you can create an example subscriber and publisher using rtiddsgen, change the call to create_participant to create_participant_with_profile, and pass the QoS library and profile names defined in the QoS XML file.
For example, the line to create a participant in a Java example would look like the following:
participant = DomainParticipantFactory.TheParticipantFactory.create_participant_with_profile(domainId, "TCP_Library", "TCP_Subscriber", null /* listener */, StatusKind.STATUS_MASK_NONE);
To run the test without modifying the QoS file, you will need to run the subscriber and publisher on the same machine.
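The following sketch shows the general shape of such a QoS file: a base profile carrying the shared TLS transport properties, and two derived profiles that add their own identity certificate and port. It is an added illustration, not the file attached to this solution; the profile names TCP_Base and TCP_Publisher, the port numbers 7400/7401 and the relative certificate paths are assumptions, and each peerN.pem is assumed to hold both the certificate and its private key.

```xml
<!-- Added illustration, not the attached file. TCP_Base, TCP_Publisher and the ports are assumed. -->
<dds>
  <qos_library name="TCP_Library">
    <!-- Shared settings; derived profiles merge in their own properties (5.0.0 or higher) -->
    <qos_profile name="TCP_Base">
      <participant_qos>
        <!-- Disable UDPv4 and Shared Memory so all traffic uses the TLS transport -->
        <transport_builtin><mask>MASK_NONE</mask></transport_builtin>
        <property><value>
          <element><name>dds.transport.load_plugins</name><value>dds.transport.TCPv4.tcp1</value></element>
          <element><name>dds.transport.TCPv4.tcp1.library</name><value>nddstransporttcp</value></element>
          <element><name>dds.transport.TCPv4.tcp1.create_function</name><value>NDDS_Transport_TCPv4_create</value></element>
          <!-- TLSV4_LAN selects TLS over TCP; TCPV4_LAN would send cleartext -->
          <element><name>dds.transport.TCPv4.tcp1.parent.classid</name><value>NDDS_TRANSPORT_CLASSID_TLSV4_LAN</value></element>
          <!-- CA used to verify the certificate presented by the remote peer -->
          <element><name>dds.transport.TCPv4.tcp1.tls.verify.ca_file</name><value>cacert.pem</value></element>
        </value></property>
      </participant_qos>
    </qos_profile>
    <!-- Publisher listens on 7400 and contacts the subscriber on the same machine -->
    <qos_profile name="TCP_Publisher" base_name="TCP_Base">
      <participant_qos>
        <discovery><initial_peers><element>tlsv4_lan://127.0.0.1:7401</element></initial_peers></discovery>
        <property><value>
          <element><name>dds.transport.TCPv4.tcp1.server_bind_port</name><value>7400</value></element>
          <element><name>dds.transport.TCPv4.tcp1.tls.identity.certificate_chain_file</name><value>peer1.pem</value></element>
        </value></property>
      </participant_qos>
    </qos_profile>
    <!-- Subscriber listens on 7401 and contacts the publisher on the same machine -->
    <qos_profile name="TCP_Subscriber" base_name="TCP_Base">
      <participant_qos>
        <discovery><initial_peers><element>tlsv4_lan://127.0.0.1:7400</element></initial_peers></discovery>
        <property><value>
          <element><name>dds.transport.TCPv4.tcp1.server_bind_port</name><value>7401</value></element>
          <element><name>dds.transport.TCPv4.tcp1.tls.identity.certificate_chain_file</name><value>peer2.pem</value></element>
        </value></property>
      </participant_qos>
    </qos_profile>
  </qos_library>
</dds>
```

The loopback initial peers are why both applications must run on the same machine unless the file is edited. If parent.classid is left at a TCPV4 value, the tls.* properties have no effect and traffic is not encrypted.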