Editing the sas.client.props file using the administrative console

 

Configure CSIv2 for Secure Sockets Layer client authentication

Client authentication using digital certificates is performed during Secure Sockets Layer (SSL) connection by completing this task.

About this task Complete the following steps to configure Common Secure Interoperability Version 2 (CSIv2) for SSL client authentication:

 

Procedure

  1. Start the administrative console.

  2. Configure CSIv2 inbound authentication.

    1. Expand Security > Global security.

    2. Under Authentication, click Authentication protocol > CSIv2 inbound authentication.

    3. Select Supported or Required for Client certificate authentication. If you selected Required, also configure the CSIv2 outbound authentication to support the client certificate authentication.

    4. Click OK.

  3. Optional: Configure CSIv2 outbound authentication.

    1. Expand Security > Global security.

    2. Under Authentication, click Authentication protocol > CSIv2 outbound authentication.

    3. Select either Supported or Required for Client certificate authentication.

      Important: If Client certificate authentication is Required for either inbound or outbound authentication, at least select Supported for the complementary authentication protocol. For example, for CSIv2 inbound authentication, if you select Required for Client certificate authentication, at least select Supported for Client certificate authentication when you configure CSIv2 outbound authentication.

  4. Create a SSL configuration repertoire. For more information, see the "Creating a Secure Sockets Layer repertoire configuration entry" article in the Information Center.

  5. Configure CSIv2 outbound transport.

    1. Expand Security > Global security.

    2. Under Authentication, click Authentication protocol > CSIv2 Outbound Transport.

    3. In the Transport field, select either SSL-required or SSL-supported. Select SSL-supported if your server must communicate with servers that do not support SSL authentication.

    4. In the SSL settings field, select the SSL configuration repertoire that you previously configured.

  6. Configure CSIv2 inbound transport.

    1. Expand Security > Global security.

    2. Under Authentication, click Authentication protocol > CSIv2 Inbound Transport.

    3. In the Transport field, select either SSL-required or SSL-supported. Select SSL-supported if your server must communicate with servers that do not support SSL authentication.

    4. In the SSL settings field, select the SSL configuration repertoire that you previously configured.

  7. Save your configuration.

  8. Restart the server for the changes to become effective.

 

Results

Client authentication using digital certificates is performed during SSL connection. A secure client connects using SSL to a secure Internet Inter-ORB Protocol (IIOP) server with client authentication at the transport layer.

 

What to do next

Specify the keystore and truststore files in your configuration.


 

Related tasks


Editing the sas.client.props file for Secure Sockets Layer client authentication

Configuring Secure Sockets Layer for Java client authentication