Preparing documents to use Client Authentication
This section describes how to prepare documents to use
Client Authentication when sending them between two instances of
WebSphere Partner Gateway - Express. The following topics are included:
Using Client Authentication when sending documents from Express1
to Express2
Using Client Authentication when sending documents from Express2
to Express1
Using Client Authentication when sending documents from Express1
to Express2
The following steps describe how to prepare documents
to use Client Authentication when sending them from Express1 to
Express2.
- In Express1, generate a self-signed SSL client certificate keypair.
To do this, follow the instructions in Generating
a self-signed SSL client certificate keypair.
- In Express1, download the newly created client certificate,
and rename it to "Express1PublicClientAuth.der." To do this, follow
the instructions in Downloading the client
certificate for client authentication.
- In Express2, create a truststore by importing the client certificate
named "Express1PublicClientAuth.der." The following steps describe
how to do this:
- Copy the client certificate named "Express1PublicClientAuth.der"
to the following directory on Express2: <Express_Home>/was/java/bin
Important:
Keytool fails if you copy the client certificate to any
other directory.
- Use keytool to add the client certificate into a truststore.
To do this, follow the instructions in Adding a certificate
to a truststore, using "Express1PublicClientAuth.der" as the certification
filename. This will create the truststore file in the <Express_Home>/was/java/bin directory.
- In Express2, upload the newly created truststore file. To do
this, follow the instructions in Uploading
a truststore for client authentication.
Using Client Authentication when sending documents from Express2
to Express1
The following steps describe how to prepare documents
to use Client Authentication when sending them from Express2 to
Express1.
- In Express2, generate a self-signed SSL client certificate keypair.
To do this, follow the instructions in Generating
a self-signed SSL client certificate keypair.
- In Express2, download the newly created client certificate,
and rename it to "Express2PublicClientAuth.der." To do this, follow
the instructions in Downloading the client
certificate for client authentication.
- In Express1, create a truststore by importing the client certificate
named "Express2PublicClientAuth.der." The following steps describe
how to do this:
- Copy the client certificate named "Express2PublicClientAuth.der"
to the following directory on Express1: <Express_Home>/was/java/bin
Important:
Keytool fails if you copy the client certificate to any
other directory.
- Use keytool to add the client certificate into a truststore.
To do this, follow the instructions in Adding a certificate
to a truststore, using "Express1PublicClientAuth.der" as the certification
filename. This will create the truststore file in the <Express_Home/was/java/bin directory.
- In Express1, upload the newly created truststore file. To do
this, follow the instructions in Uploading
a truststore for client authentication.
