In mutual authentication, both server and client-side authentication are enabled. To test mutual authentication, a client with a valid certificate must exist. For information on mutual authentication, see the Security chapter of The J2EE 1.4 Tutorial at http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html.
To enable mutual authentication for a specific application, use deploytool to set the method of authentication to Client-Certificate. For more information about using deploytool, refer to the Security chapter of The J2EE 1.4 Tutorial at http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html.
The Application Server uses the certificate realm for HTTPS authentication.
In the Admin Console tree component, expand the Configuration node.
Expand the Security node.
Expand the Realms node.
Select the certificate realm.
Click the Add Property button.
Restart the Application Server if Restart Required displays in the console.
After restarting the server, client authentication is required for all applications that use the certificate realm.