Environment
Situation
Resolution
1. The Remote Loader listens on the configured TCP/IP port for a single client connection.
2. The Remote Interface shim (which is part of the IDM engine) establishes a client TCP connection to the Remote Loader.
3. If TLS/SSL is configured, the Remote Loader initiates the TLS/SSL handshake, acting as the TLS client while the Remote Interface shim acts as the TLS server (the reverse of the roles on the TCP/IP connection). The handshake "sense" is reversed so that the only key material that needs to be stored on the Remote Loader machine is the public key certificate of the Engine side. If the Remote Loader acted as the server for the TLS/SSL handshake, it would need a private key as well as a public key certificate.
4. The Remote Loader handshake is performed with the following steps:
d. The Remote Interface shim sends an XDS <check-password> command containing the received password to the Engine. The Engine calls eDirectory to check the password against the DirXML-Driver object's password. If the password does not match, the Remote Interface shim sends an error status document and closes the TCP/IP connection.
5. Once the connection is established and both sides have authenticated to each other via the Remote Loader handshake, XML documents carrying events (on the Publisher channel) and commands (on the Subscriber channel) are sent in both directions.
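The sequence above, modelled end to end as an added example (this is constructed illustration code, not the NetIQ/IDM Remote Loader or engine code). It shows the two points a reviewer of such a setup cares about: the TCP roles and the TLS roles point in opposite directions, so only the Engine side ever loads a private key, and the <check-password> step answers with a status document and drops the connection on a mismatch. The minimal XDS document shapes, the newline framing of messages, the `lookup_driver_password()` callback standing in for the Engine's eDirectory call, and the sample password are all assumptions made for this demo; the TLS contexts are exercised only when certificate and key files are supplied.

```python
# Added illustration of the Remote Loader connection setup (constructed example,
# not NetIQ/IDM code). Document shapes, newline framing and the password lookup
# callback are assumptions made for the demo.
import hmac
import socket
import ssl
import threading
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Constructed sample value standing in for the DirXML-Driver object's password.
DRIVER_PASSWORD = "constructed-driver-password"


def remote_loader_tls_context(engine_cert_file):
    """Remote Loader side of the reversed-sense TLS handshake (step 3).

    The Remote Loader accepted the TCP connection, yet it is the TLS *client*:
    it only needs the Engine's public certificate to verify its peer.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # assumption: trust is pinned to the cert file, not a hostname
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.load_verify_locations(cafile=engine_cert_file)
    return ctx


def engine_tls_context(engine_cert_file, engine_key_file):
    """Engine (Remote Interface shim) side: the TLS *server*, which is why the
    private key lives on the Engine machine and never on the Remote Loader."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.load_cert_chain(certfile=engine_cert_file, keyfile=engine_key_file)
    return ctx


def check_password_doc(password):
    """Minimal XDS-style <check-password> command (assumed shape), newline framed."""
    return (f"<nds><input><check-password><password>{escape(password)}</password>"
            "</check-password></input></nds>\n").encode()


def status_doc(level, message):
    """Minimal XDS-style status document (assumed shape), newline framed."""
    return f'<nds><output><status level="{level}">{escape(message)}</status></output></nds>\n'.encode()


def parse_status_level(doc):
    status = ET.fromstring(doc).find("./output/status")
    return None if status is None else status.get("level")


def remote_loader_side(listener, driver_password, tls_ctx=None):
    """Steps 1, 3 and 4d as the Remote Loader sees them: accept one TCP client,
    optionally run TLS as the *client*, send the driver password and return the
    status level the Engine answers with."""
    conn, _ = listener.accept()
    if tls_ctx is not None:
        conn = tls_ctx.wrap_socket(conn, server_side=False)
    with conn:
        conn.sendall(check_password_doc(driver_password))
        reply = conn.makefile("rb").readline()
    return parse_status_level(reply)


def shim_side(host, port, lookup_driver_password, tls_ctx=None):
    """Steps 2, 3 and 4d as the Remote Interface shim sees them.

    lookup_driver_password() stands in for the Engine's eDirectory lookup; the
    comparison is constant-time. Returns True when the password matched."""
    sock = socket.create_connection((host, port))
    if tls_ctx is not None:
        sock = tls_ctx.wrap_socket(sock, server_side=True)
    with sock:
        doc = sock.makefile("rb").readline()
        received = ET.fromstring(doc).findtext("./input/check-password/password") or ""
        if hmac.compare_digest(received.encode(), lookup_driver_password().encode()):
            sock.sendall(status_doc("success", "authenticated"))
            return True  # a real shim would now continue with step 5
        sock.sendall(status_doc("error", "driver password mismatch"))
        return False  # leaving the with-block closes the TCP connection


def run_handshake(password_sent, tls_files=None):
    """Drive both ends over loopback; returns (status_level, shim_accepted)."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]
    rl_ctx = shim_ctx = None
    if tls_files:  # (engine_cert_file, engine_key_file), if the caller has them
        cert, key = tls_files
        rl_ctx, shim_ctx = remote_loader_tls_context(cert), engine_tls_context(cert, key)
    result = {}
    worker = threading.Thread(
        target=lambda: result.update(status=remote_loader_side(listener, password_sent, rl_ctx)))
    worker.start()
    accepted = shim_side("127.0.0.1", port, lambda: DRIVER_PASSWORD, shim_ctx)
    worker.join(5)
    listener.close()
    return result.get("status"), accepted


if __name__ == "__main__":
    print(run_handshake(DRIVER_PASSWORD))   # ('success', True)
    print(run_handshake("wrong-password"))  # ('error', False)
```

Run without arguments it exercises the plain TCP path; pass `tls_files=(cert, key)` to `run_handshake` to see the reversed handshake, where only `engine_tls_context` ever touches the private key. The mismatch branch returns an error status and closes the socket exactly as step 4d describes, which is also the event a defender should expect to see logged on the Engine side when a Remote Loader is misconfigured or being probed.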