This scenario is the same as Scenario 1, except for the interaction from client C2 to server S2. Therefore, the configuration of Scenario 1 still is valid, but you have to modify server S2 slightly and add a configuration for client C2. The configuration is not modified for C1 or S1.
Configuring client C2
All further configuration involves setting properties within this file.
com.ibm.CSI.performTransportAssocSSLTLSSupported=true,
com.ibm.CSI.performTransportAssocSSLTLSRequired=false
com.ibm.CSI.performClientAuthenticationRequired=false,
com.ibm.CSI.performClientAuthenticationSupported=false
com.ibm.CSI.performTLClientAuthenticationRequired=false,
com.ibm.CSI.performTLClientAuthenticationSupported=true
Configuring server, S2
Related reference
Scenario 1: Basic authentication and identity assertion
Scenario 3: Client certificate authentication and RunAs system
Scenario 4: TCP/IP transport using a virtual private network
Scenario 5: Interoperability with WebSphere Application Server Version
4.x