SSL configurations for service requests

 

+

Search Tips   |   Advanced Search

 

Overview

SSL configurations can be associated with any service request that uses the HTTP or WebSphere MQ transport protocols.

If you are using SSL, ensure that you have valid certificate keystore files in workspace.

If you are using SOAP security, ensure that you have configured the environment with the correct libraries and configuration files.

Create an SSL authentication configuration

1. Click the Generic service client toolbar push button to open the generic service client, and click the Transport tab.

2. Either open an existing HTTP or WebSphere MQ protocol, or create a one, and then click Open SSL Editor.

3. Click Rename to rename the default SSL configuration or New to create one.

4. Specify the following settings for the SSL configuration.

   Single Authentication

   This section describes how the client trusts the server.

   Always trust server

   Select if no authentication is required or to ignore server certificates so that all servers are trusted. If you are using single authentication and to accept trusted servers only, then disable this option and specify a truststore containing the trusted server certificates.

   Client truststore

   When you are using single authentication, the client truststore contains the certificates of all trusted servers. Click Browse to specify a KS, JKS, or JCEKS file containing valid certificates of the trusted servers.

   Password

   If the client truststore file is encrypted, type the password required to access the file.

   Double Authentication

   This section describes how the server trusts the client.

   Use client certificate

   If you are using double authentication, select this option to specify a keystore containing the client certificate. This certificate allows the server to authenticate the client.

   Client certificate keystore

   Click Browse to specify a KS, JKS, or JCEKS file containing a valid certificate that will authenticate the client.

   Password

   If the client truststore file is encrypted, type the password required to access the file.

   You can copy the contents from an SSL configuration into another SSL configuration by using Copy and Paste in the SSL editor.

5. Click OK to create the configuration, and close the SSL editor.

What to do next

When the SSL configuration is created, you can use the SSL configuration with any service call that uses SSL certification. You can use the SSL editor to edit existing configurations.

Related

• Generic service client overview
• Create a WebSphere MQ transport configuration
• Create an HTTP transport configuration
• Create a JMS transport configuration