Configure CSIv2 for Secure Sockets Layer client authentication

 

Before you begin

Configure the SSL client authentication using the sas.client.props configuration file or the administrative console. To configure a Java client application, use the sas.client.props configuration file. By default, the sas.client.props file is located in the install_root/profiles/profile/properties directory of your WAS installation.

To configure a WebSphere Application Server, use the administrative console. To start the administrative console, specify URL: http://server host_name:9060/ibm/console.

 

Overview

To configure a Java client application, complete the following steps, which explain how to edit the sas.client.props file directly:

 

Procedure

1. To require SSL client authentication, set property com.ibm.CSI.performTLClientAuthenticationRequired=true. Do not set this property unless you know your target server also supports SSL client authentication for the inbound CSI authentication protocol.

2. To support SSL client authentication, set the property com.ibm.CSI.performTLClientAuthenticationSupported=true.

3. To specify the CSI protocol, set the property com.ibm.CSI.protocol=csiv2.

4. To match the SSL protocol configured with your server, set the property, com.ibm.ssl.protocol, accordingly.

5. Specify the com.ibm.CORBA.ConfigURL property with the fully qualified path of your Java property file when you run your application. For example, -Dcom.ibm.CORBA.ConfigURL=file:/c:/WebSphere/AppServer/profiles/profile/properties/sas.client.props

---

 

See Also

Authentication protocol for EJB security

 

Related Tasks

Creating a Secure Sockets Layer repertoire configuration entry
Manage digital certificates

 

See Also

Cryptographic token settings

 

---