Configure SSL for Java client authentication

WAS supports Java client authentication using a digital certificate when the client attempts to make a SSL connection. The authentication occurs during an SSL handshake. The SSL handshake is a series of messages exchanged over the SSL protocol to negotiate for connection-specific protection. During the handshake, the secure server requests the client to send back a certificate or certificate chain for the authentication. To configure SSL for Java client authentication, consider the following questions...

If you answer yes to all of these questions, you can configure SSL for Java client authentication.

Note that Java client authentication using digital certificates is supported only by the CSIv2 authentication protocol.

  1. Configure CSIv2 for SSL client authentication.

  2. Add keystore files.

  3. Add truststore files.

  4. Save changes.

  5. Restart the server if you have configured the server.

 

Usage Scenario

If a connection problem occurs, you can set a Java property, javax.net.debug=true, before you run your client or your server to generate debugging information. See Troubleshooting security configurations for further information about how to debug an IBM JSSE problem.

 

See Also

Authentication protocol for EJB security
Creating a SSL repertoire configuration entry
Managing digital certificates
Cryptographic token settings