Sun Java System Application Server Enterprise Edition 8.1 2005Q2 Administration Guide

Configuring Mutual Authentication

In mutual authentication, both server and client-side authentication are enabled. To test mutual authentication, a client with a valid certificate must exist. For information on mutual authentication, see the Security chapter of The J2EE 1.4 Tutorial at http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html.

Enabling Mutual SSL Authentication in an Application

To enable mutual authentication for a specific application, use deploytool to set the method of authentication to Client-Certificate. For more information about using deploytool, refer to the Security chapter of The J2EE 1.4 Tutorial at http://java.sun.com/j2ee/1.4/docs/tutorial/doc/index.html.

To enable mutual authentication for all the applications

The Application Server uses the certificate realm for HTTPS authentication.

  1. In the Admin Console tree component, expand the Configurations node.

  2. Select the instance to configure:

    • To configure a particular instance, expand the instance’s config node. For example, for the default instance, server, expand the server-config node.

    • To configure the default settings for all instances, expand the default-config node.

  3. Expand the Security node.

  4. Expand the Realms node.

  5. Select the certificate realm.

  6. Click the Add Property button.

    1. In the Name field, enter clientAuth.

    2. In the Value field, enter true.

  7. Click Save.

  8. Restart the Application Server if Restart Required displays in the console.

    After restarting the server, client authentication is required for all applications that use the certificate realm.
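
An added example, not part of the original guide and not Sun's code: a Python check that reads a domain.xml and reports, for each configuration, whether the certificate realm carries the clientAuth property set to true as in the procedure above. The element layout (config, security-service, auth-realm, property), the sample file and the function name audit_client_auth are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not taken from a real installation. The element and
# attribute names are an assumed domain.xml layout.
SAMPLE_DOMAIN_XML = """\
<domain>
  <configs>
    <config name="server-config">
      <security-service default-realm="file">
        <auth-realm name="file" classname="example.FileRealm"/>
        <auth-realm name="certificate" classname="example.CertificateRealm">
          <property name="clientAuth" value="true"/>
        </auth-realm>
      </security-service>
    </config>
    <config name="default-config">
      <security-service default-realm="file">
        <auth-realm name="certificate" classname="example.CertificateRealm"/>
      </security-service>
    </config>
    <config name="cluster1-config">
      <security-service default-realm="file"/>
    </config>
  </configs>
</domain>
"""

def audit_client_auth(domain_xml, realm_name="certificate"):
    """Map each config name to 'required', 'not-required' or 'realm-missing'."""
    root = ET.fromstring(domain_xml)
    results = {}
    for config in root.iter("config"):
        status = "realm-missing"          # no realm with that name in this config
        for realm in config.iter("auth-realm"):
            if realm.get("name") != realm_name:
                continue
            status = "not-required"       # realm exists, property absent or not true
            for prop in realm.findall("property"):
                # Conservative assumption: only the exact name and value
                # entered in the procedure count as enabled.
                if prop.get("name") == "clientAuth" and prop.get("value") == "true":
                    status = "required"
        results[config.get("name")] = status
    return results

if __name__ == "__main__":
    for name, status in sorted(audit_client_auth(SAMPLE_DOMAIN_XML).items()):
        print(f"{name}: {status}")
```

A configuration reported as not-required or realm-missing has not had step 6 applied, so applications that use it are not forced to present a client certificate.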