For security in FIX messaging, C++ FIX Engine provides the ability to encrypt FIX connections with the SSL (Secure Sockets Layer) or TLS (Transport Layer Security) protocols. SSL v3.0, TLS v1.0, v1.1, v1.2 are supported. The actual protocol and version are chosen automatically by a server side during the TLS/SSL Handshake. The client sends the highest version number that is supported and the server sends the highest version number that is supported by both sides. This is the protocol version that will be used during the connection.
To use TLS/SSL in FIX connectivity, the following steps should be taken:
SSL.PrivateKeyFileparameters in Engine configuration settings. They can refer to the same file if it contains both the TLS/SSL certificate and the private key. Also,
SSL.CertificateFileparameter can refer to a certificate chain file with multiple CA certificates.
newEncryptionMethodparameter value right after the creation of the OnixS::FIX::Session object.