For SSL/TLS server authentication (the server needs to present a certificate to the client), the following properties need to be set in the Virtual Machine for the Java™ platform (JVM™) running the SSL/TLS client:
-Djavax.net.ssl.trustStore |
Defines the full path to the file containing the server's CA certificate(s). |
-Djavax.net.ssl.trustStoreType |
Takes a value of JKS (Java Key Store). |
In addition, the client's CA certificate needs to be imported into the certificate store/database of the server's web container and marked as a trusted issuer of client certificates.