Configuring Secure Sockets Layer for Java client authentication

WebSphere Application Server supports Java client authentication using a digital certificate when the client attempts to make a Secure Sockets Layer (SSL) connection. The authentication occurs during an SSL handshake. The SSL handshake is a series of messages that are exchanged over the SSL protocol to negotiate for connection-specific protection. During the handshake, the secure server requests that the client send back a certificate or certificate chain for the authentication.

Before you begin

To configure SSL for Java client authentication, consider the following questions: If you answer yes to all of these questions that are appropriate to your product and platform, you can configure SSL for Java client authentication.

About this task

Note: Java client authentication using digital certificates is supported only by the Common Secure Interoperability Version 2 (CSIv2) authentication protocol.

Procedure

  1. Editing the sas.client.props file for Secure Sockets Layer client authentication.
  2. Adding keystore files.
  3. Adding truststore files.
  4. Save changes.
  5. Restart the server if you configured the server.

What to do next

A secure client connects to a secure Internet Inter-ORB Protocol (IIOP) server that requires client authentication at the transport layer. If a connection problem occurs, you can set the javax.net.debug=true Java property before you run your client or your server to generate debugging information. See Troubleshooting security configurations for further information about how to debug an IBMJSSE problem.



In this information ...


Related reference

IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Aug 29, 2010 6:22:59 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=vela&product=was-express-dist&topic=tsecssljava
File name: tsec_ssljava.html