Configuring Secure Sockets Layer for Java client authentication

WebSphere Application Server supports Java client authentication using a digital certificate when the client attempts to make a Secure Sockets Layer (SSL) connection. The authentication occurs during an SSL handshake. The SSL handshake is a series of messages exchanged over the SSL protocol to negotiate for connection-specific protection. During the handshake, the secure server requests the client to send back a certificate or certificate chain for the authentication.

Before you begin

To configure SSL for Java client authentication, consider the following questions:If you answer yes to all of these questions, you can configure SSL for Java client authentication.

Why and when to perform this task

Note: Java client authentication using digital certificates is supported only by the Common Secure Interoperability Version 2 (CSIv2) authentication protocol.

Steps for this task

  1. Configuring Common Secure Interoperability Version 2 for Secure Sockets Layer client authentication .
  2. Adding keystore files .
  3. Adding truststore files .
  4. Save changes.
  5. Restart the server if you have configured the server.

Example

What to do next

If a connection problem occurs, you can set a Java property, javax.net.debug=true, before you run your client or your server to generate debugging information. See Troubleshooting security configurations for further information about how to debug an IBM JSSE problem.

Related concepts
Authentication protocol for EJB security
Related tasks
Creating a Secure Sockets Layer repertoire configuration entry
Managing digital certificates
Related reference
Cryptographic token settings



Searchable topic ID:   tsecssljava
Last updated: Jun 21, 2007 8:07:48 PM CDT    WebSphere Business Integration Server Foundation, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.wasee.doc/info/ee/ae/tsec_ssljava.html

Library | Support | Terms of Use | Feedback