Configuring Mutual Authentication

In mutual authentication, both server and client-side authentication are enabled. To test mutual authentication, a client with a valid certificate must exist. For information on creating a client certificate, see The J2EE 1.4 Tutorial at:

http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html

Enabling Mutual Authentication for the certificate Realm

The Application Server uses the certificate realm for HTTPS authentication.

To specify mutual authentication for all the applications that use this realm, follow these steps.

  1. In the Admin Console tree component, expand the Configurations node.
  2. Select the instance to configure:
    1. To configure a particular instance, select the instance’s config node. For example, for the default instance, server, select the server-config node.
    2. To configure the default settings for all instances, select the default-config node.
  3. Expand the Security node.
  4. Expand the Realms node.
  5. Select the certificate realm.
  6. Click the Add Property button.
  7. Click Save.
  8. Restart the Application Server if Restart Required displays in the console.
  9. After the server restarts, client authentication is required for all applications that use the certificate realm.

Enabling Mutual SSL Authentication in an Application

To enable mutual authentication for a specific application, use deploytool to set the method of authentication to Client-Certificate. For more information about using deploytool, refer to the Security chapter of The J2EE 1.4 Tutorial at:

http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html
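
As an added illustration (not part of the original documentation), the following Servlet 2.4 web.xml fragment shows the deployment-descriptor setting that corresponds to choosing Client-Certificate as the authentication method. The resource name, URL pattern, and role name are assumptions made for the example.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
                             http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
         version="2.4">

  <security-constraint>
    <web-resource-collection>
      <!-- Hypothetical name and pattern: protects every URL of the application. -->
      <web-resource-name>protected-area</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>

    <!-- Only callers mapped to this (hypothetical) role are admitted.
         The role must be mapped to certificate principals in the
         server-specific deployment descriptor. -->
    <auth-constraint>
      <role-name>member</role-name>
    </auth-constraint>

    <!-- CONFIDENTIAL forces the request onto HTTPS; the client certificate
         is presented during the SSL handshake, so without this guarantee
         a plain HTTP request carries no certificate to authenticate. -->
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <!-- CLIENT-CERT is the descriptor value for client-certificate
       authentication. BASIC or FORM here would authenticate with a
       password instead, leaving only the server side of SSL authenticated. -->
  <login-config>
    <auth-method>CLIENT-CERT</auth-method>
  </login-config>

  <security-role>
    <role-name>member</role-name>
  </security-role>
</web-app>
```

To check the result, request a protected URL over HTTPS once with a valid client certificate and once without: only the first request should be served.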