Configuring a bus to allow client SSL authentication

You can configure a service integration bus to enable connecting client JMS applications to authenticate by using Secure Sockets Layer (SSL) certificates.

Before you begin

You must ensure that the following tasks have been completed:
  • Administrative security is enabled. For more information, see 보안 사용 가능.
  • A stand-alone Lightweight Directory Access Protocol (LDAP) user registry has been configured for storing user and group IDs. To access the user registry, you must know a valid user ID that has the administrative role, and password, the server host and port of the registry server, and the base distinguished name (DN). For more information, see Lightweight Directory Access Protocol 사용자 레지스트리 구성.
  • Bus security is enabled. For more information, see 버스 보안 사용 불가능.
  • JMS client applications have been configured to authenticate by using client SSL certificates.

About this task

If you want to allow connecting JMS application clients to authenticate to the bus by using client SSL certificates, define an SSL configuration. There are two parts to this task. First you use the administrative console to map SSL certificates to entries in the LDAP user registry. Secondly, you create a unique SSL configuration for each endpoint address for which you want to use client SSL authentication. Do not use the default SSL configuration for the bus.

Procedure

  1. Use the administrative console to define certificate filters to map an SSL certificate to an entry in the LDAP server. For more information, see SSL(Secure Sockets Layer) 구성 작성. The client SSL certificate is mapped to a user ID in the user registry.
  2. Create a separate SSL configuration file for each endpoint address for server, bus member or cluster on the bus, and select that client authentication is required. For more information, see SSL(Secure Sockets Layer) 구성 작성

Results

The bus is configured to allow client SSL authentication.

What to do next

Connecting JMS client applications can now authenticate to the bus using client SSL certificates.

주제 유형을 표시하는 아이콘 태스크 주제



시간소인 아이콘 마지막 업데이트 날짜: July 9, 2016 6:11
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=tjr_config_bus_SSL
파일 이름:tjr_config_bus_SSL.html