Transports and Interfaces: Siebel Enterprise Application Integration > EAI HTTP Transport > Examples Using HTTP Request >

Providing Client Certificate Information for SSL Mutual Authentication

In certain versions, Siebel Business Applications support client authentication for SSL-based communications (also known as mutual authentication) using the EAI HTTP Transport business service, and for workflows and outbound Web service calls that call the EAI HTTP Transport business service.

NOTE:  For information on the specific versions that support mutual authentication, see Article ID 560965.1 on My Oracle Support.

If client authentication is enabled, the Siebel Server presents a client certificate to an external Web server by supplying values for the EAI HTTP Transport parameters HTTPCertSerialNo and HTTPCertAuthority.

If the EAI HTTP Transport business service is invoked directly by Siebel eScript or a workflow, you can specify the HTTPCertSerialNo and HTTPCertAuthority parameters by setting input properties (business service method arguments).

The following is an example of the code used to call the EAI HTTP Transport business service using Siebel eScript:

var oService = TheApplication().GetService("EAI HTTP Transport");

var oInputs = TheApplication().NewPropertySet();

var oOutputs = TheApplication().NewPropertySet();

oInputs.SetProperty("HTTPRequestMethod", "GET");

oInputs.SetProperty("HTTPRequestURLTemplate", sUrl);

// Set the Serial Number of the Client Certificate

oInputs.SetProperty("HTTPCertSerialNo", "00d802dc387dd867b9");

// Set the RDN for the CA of the certificate

oInputs.SetProperty("HTTPCertAuthority","E=cacert@oracle.com,CN=somecertcomputer,
OU=ca,O=oracle,L=boston,C=usa");

// Invoke EAI HTTP Transport

oService.InvokeMethod("SendReceive", oInputs, oOutputs);

NOTE:  In Siebel CRM version 8.1 and later, if the EAI HTTP Transport business service is invoked indirectly by an outbound Web service, then you can specify the HTTPCertSerialNo and HTTPCertAuthority parameters as input arguments for the outbound Web Service Dispatcher. For information on setting parameters for the EAI HTTP Transport business service for outbound Web services, see Integration Platform Technologies: Siebel Enterprise Application Integration.

NOTE:  The Transport Layer Security (TLS) protocol is not supported on the UNIX (MainWin) operating system for HTTPS calls to external Web servers. Make sure that the external Web server allows the use of the SSL 2.0 or SSL 3.0 protocol. Otherwise, WinInet error 12157 occurs on the Siebel Server.

NOTE:  On the UNIX (MainWin) operating system, 256-bit encryption is not supported for the EAI HTTP Transport. This level of encryption is not supported because it depends on the TLS protocol.

For more information on configuring SSL mutual authentication, using the EAI HTTP Transport, see Siebel Security Guide.