Connectivity
  • 06 Jan 2023
  • Dark
    Light
  • PDF

Connectivity

  • Dark
    Light
  • PDF

Article summary

The entire purpose of an adapter is to communicate with other systems. As such, it needs to have connectivity with the system it is trying to communicate with. If there are firewalls preventing the communication from the adapter to the system, the adapter will be unable to do what it is intended to do. You need to make sure that rules are put in place to allow for the communication to happen.

We often assume the connectivity is there when it may not be. Here are a few ways to check connectivity:

  • Use ping from the IAP server to make sure you can see the other server.
  • Use telnet from the IAP server to the server and port of the other system.
  • If connectivity appears to be blocked, run traceroute (or an equivalent command) to determine where the connectivity is blocked. This will help provide the appropriate team with the information they need to open access.
  • Run a curl command from the IAP server to the other system. It is important to run this from the IAP server (where the adapter is) and not your local machine to confirm that the system-to-system communication path is open.

If the adapter is not configured with the correct connectivity information, the adapter will load, but the healthcheck (if configured to run) will fail when IAP or the adapter is restarted. Also, all other adapter calls will fail to execute successfully (often resulting in a 400 or 404 error). Connectivity also requires you to configure these adapter properties:

  • host
  • port
  • protocol
  • ssl sub-properties if using ssl/tls
    • If using ssl/tls, you should make sure the IAP Service Instance Configuration for the adapter has the ssl.enabled field set to true.
    • For development/lab environements, you can generally set ssl.accept_invalid_cert to true in the IAP Service Instance Configuration for the adapter. However, this is not recommended for production environments since it bypasses the certificate validation.
    • For production, you should use a ssl.ca_file. You can usually get the CA from the administrator for the other system. Simply provide that CA in the ca_file property within the IAP Service Instance Configuration for the adapter in IAP Admin Essentials.

Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.