WebSphere Application Server Network Deployment, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Configuring CSIv2 for SSL client authentication

Why and when to perform this task

Complete the following steps to configure CSIv2 for SSL client authentication:

Steps for this task

  1. Start the administrative console.
  2. Configure CSIv2 inbound authentication.
    1. Expand Security > Global security.
    2. Under Authentication, click Authentication protocol > CSIv2 inbound authentication.
    3. Select Supported or Required for Client certificate authentication. If you selected Required, also configure the CSIv2 outbound authentication to support the client certificate authentication.
    4. Click OK.
  3. Optional: Configure CSIv2 outbound authentication.
    1. Expand Security > Global security.
    2. Under Authentication, click Authentication protocol > CSIv2 outbound authentication.
    3. Select either Supported or Required for Client certificate authentication.
      Important: If Client certificate authentication is Required for either inbound or outbound authentication, you must at least select Supported for the complementary authentication protocol. For example, for CSIv2 inbound authentication, if you select Required for Client certificate authentication, you must at least select Supported for Client certificate authentication when you configure CSIv2 outbound authentication.
  4. Create a SSL configuration repertoire. For more information, see the "Creating a Secure Sockets Layer repertoire configuration entry" article in the Information Center.
  5. Configure CSIv2 outbound transport.
    1. Expand Security > Global security.
    2. Under Authentication, click Authentication protocol > CSIv2 Outbound Transport.
    3. In the Transport field, select either SSL-required or SSL-supported. Select SSL-supported if your server must communicate with servers that do not support SSL authentication.
    4. In the SSL settings field, select the SSL configuration repertoire that you previously configured.
  6. Configure CSIv2 inbound transport.
    1. Expand Security > Global security.
    2. Under Authentication, click Authentication protocol > CSIv2 Inbound Transport.
    3. In the Transport field, select either SSL-required or SSL-supported. Select SSL-supported if your server must communicate with servers that do not support SSL authentication.
    4. In the SSL settings field, select the SSL configuration repertoire that you previously configured.
  7. Save your configuration.
  8. Restart the server for the changes to become effective.

Result

Client authentication using digital certificates is performed during SSL connection. A secure client connects using SSL to a secure Internet InterORB Protocol (IIOP) server with client authentication at the transport layer.

What to do next

Specify the keystore and truststore files in your configuration.



Related tasks
Editing the sas.client.props file for Secure Sockets Layer client authentication
Configuring Secure Sockets Layer for Java client authentication

Task topic    

Terms of Use | Feedback

Last updated: Dec 11, 2005 4:07:15 PM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/tsec_configsas.html

© Copyright IBM Corporation 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)