Preparing documents to use Client Authentication

This section describes how to prepare documents to use Client Authentication when sending them between two instances of WebSphere Partner Gateway - Express. The following topics are included:

Using Client Authentication when sending documents from Express1 to Express2

Using Client Authentication when sending documents from Express2 to Express1

Using Client Authentication when sending documents from Express1 to Express2

The following steps describe how to prepare documents to use Client Authentication when sending them from Express1 to Express2.

  1. In Express1, generate a self-signed SSL client certificate keypair. To do this, follow the instructions in Generating a self-signed SSL client certificate keypair.
  2. In Express1, download the newly created client certificate, and rename it to "Express1PublicClientAuth.der." To do this, follow the instructions in Downloading the client certificate for client authentication.
  3. In Express2, create a truststore by importing the client certificate named "Express1PublicClientAuth.der." The following steps describe how to do this:
    1. Copy the client certificate named "Express1PublicClientAuth.der" to the following directory on Express2: <Express_Home>/was/java/bin
      Important:
      Keytool fails if you copy the client certificate to any other directory.
    2. Use keytool to add the client certificate into a truststore. To do this, follow the instructions in Adding a certificate to a truststore, using "Express1PublicClientAuth.der" as the certification filename. This will create the truststore file in the <Express_Home>/was/java/bin directory.
  4. In Express2, upload the newly created truststore file. To do this, follow the instructions in Uploading a truststore for client authentication.

Using Client Authentication when sending documents from Express2 to Express1

The following steps describe how to prepare documents to use Client Authentication when sending them from Express2 to Express1.

  1. In Express2, generate a self-signed SSL client certificate keypair. To do this, follow the instructions in Generating a self-signed SSL client certificate keypair.
  2. In Express2, download the newly created client certificate, and rename it to "Express2PublicClientAuth.der." To do this, follow the instructions in Downloading the client certificate for client authentication.
  3. In Express1, create a truststore by importing the client certificate named "Express2PublicClientAuth.der." The following steps describe how to do this:
    1. Copy the client certificate named "Express2PublicClientAuth.der" to the following directory on Express1: <Express_Home>/was/java/bin
      Important:
      Keytool fails if you copy the client certificate to any other directory.
    2. Use keytool to add the client certificate into a truststore. To do this, follow the instructions in Adding a certificate to a truststore, using "Express1PublicClientAuth.der" as the certification filename. This will create the truststore file in the <Express_Home/was/java/bin directory.
  4. In Express1, upload the newly created truststore file. To do this, follow the instructions in Uploading a truststore for client authentication.

Copyright IBM Corp. 2003, 2005