Protecting resources with user certificate authentication

We can protect the application or adapter procedures with the user certificate authentication user realm.

Follow the steps to configure the user certificate authentication user realm to protect the application or adapter procedure.

1. Create a MobileFirst project.

2. Create a new hybrid MobileFirst application.

3. Configure the challenge handlers for the dependent realm. These challenge handlers help establish the identity of the user as part of the enrollment process. See User certificate authentication on the client.

4. Configure the server.

   1. Configure the WAS Liberty profile server. See Configure the Liberty profile.

   2. Configure the server for HTTPS. See SSL configuration.

   3. Configure an embedded public key infrastructure (PKI) or external PKI. See PKI bridge configuration.

   4. Uncomment out the wl_UserCertificateAuthRealm realm elements in the authentication configuration and update it as needed. See Update the server authentication configuration.

5. Edit the application descriptor to specify the security test that enforces certificate authentication of the user. We can protect the application or the adapter.

6. Install the root certificate authority (CA). See Configure SSL using untrusted certificates.

7. Complete the deployment to the server.

8. Install the application on the client.

What to do next

For a more comprehensive sample, see the tutorials on the Get Started page.

Parent topic: User certificate authentication