Transports and Interfaces: Siebel Enterprise Application Integration > EAI HTTP Transport > Examples Using HTTP Request >

Providing Client Certificate Information for TLS Mutual Authentication

In certain versions, Siebel Business Applications support client authentication for TLS-based communications (also known as mutual authentication) using the EAI HTTP Transport business service, and for workflows and outbound Web service calls that call the EAI HTTP Transport business service.

NOTE:  For information about the specific versions that support mutual authentication, see Article ID 560965.1 on My Oracle Support.

CAUTION:  It is strongly recommended to use Transport Layer Security (TLS) for best security, where possible. Using Secure Sockets Layer (SSL) is not supported for Siebel Business Applications. For current information about TLS support, see 1944467.1 (Article ID) on My Oracle Support. See also Siebel Security Guide.

If client authentication is enabled, then the Siebel Server presents a client certificate to an external Web server by supplying values for the EAI HTTP Transport parameters HTTPCertSerialNo and HTTPCertAuthority.

If the EAI HTTP Transport business service is invoked directly by Siebel eScript or a workflow, then you can specify the HTTPCertSerialNo and HTTPCertAuthority parameters by setting input properties (business service method arguments).

The following is an example of the code used to call the EAI HTTP Transport business service using Siebel eScript:

var oService = TheApplication().GetService("EAI HTTP Transport");

var oInputs = TheApplication().NewPropertySet();

var oOutputs = TheApplication().NewPropertySet();

oInputs.SetProperty("HTTPRequestMethod", "GET");

oInputs.SetProperty("HTTPRequestURLTemplate", sUrl);

// Set the Serial Number of the Client Certificate

oInputs.SetProperty("HTTPCertSerialNo", "00d802dc387dd867b9");

// Set the RDN for the CA of the certificate

oInputs.SetProperty("HTTPCertAuthority","E=cacert@oracle.com,CN=somecertcomputer,
OU=ca,O=oracle,L=boston,C=usa");

// Invoke EAI HTTP Transport

oService.InvokeMethod("SendReceive", oInputs, oOutputs);

NOTE:  If the EAI HTTP Transport business service is invoked indirectly by an outbound Web service, then you can specify the HTTPCertSerialNo and HTTPCertAuthority parameters as input arguments for the outbound Web Service Dispatcher. For information about setting parameters for the EAI HTTP Transport business service for outbound Web services, see Integration Platform Technologies: Siebel Enterprise Application Integration.

NOTE:  On the UNIX (MainWin) operating system, SHA-2 encryption is not supported for the EAI HTTP Transport.

For more information about configuring TLS mutual authentication using the EAI HTTP Transport, see Siebel Security Guide.