We are stepping through configuring secure transmission between our Bibliotheca self-check machines and our new LSP, OCLC's WorldShare, using stunnel. We are in the process of migrating from Aleph (an Ex Libris product) to WorldShare and, in the past, have set up our Bibliotheca self-checks with Aleph using stunnel and an SSL certificate provided by Ex Libris. This is not something that OCLC does, or has apparently needed to do with other libraries. On their end they authenticate whether our machine is our machine based on its IP address but beyond that data transmission is insecure.
Most of us working on this are new to SSL certificates, stunnel, and securing transmission between our self-checks and a vendor system hosted on a server that we don't have control over. Has anyone had experience doing something similar to this? If so, could we pick your brain?
On a related, but broader, note: what is the origin of SSL certificates? Where did this come from and why wouldn't it be a standard thing a vendor supports?
Please feel free to contact any of us.
Awais Mehmood Khalid
Team Leader, Application Development | Digital Initiatives | McGill University Library
P:514-398-1846 |E:[log in to unmask]