Topic
  • 2 replies
  • Latest Post - ‏2012-06-18T08:15:30Z by IvanIliev
IvanIliev
IvanIliev
4 Posts

Pinned topic Certificate based authentication and SSL two way handshake questions

‏2012-06-15T07:57:02Z |
Hello,

The first part of my question is about certificate based authentication. Is there any way, after having chosen Basic Authentication in the installation, to switch to Certificate based authentication for the registry (other than reinstall)?
The second part is about using a two-way handshake SSL authentication. How would I go about doing that, could you point me to existing documentation about this (if any, because I looked but might have missed it) - basically interested in information key store/trust store creation/management and generation/export/import of server/client certificates.

Thanks in advance for your help :)
Updated on 2012-06-18T08:15:30Z at 2012-06-18T08:15:30Z by IvanIliev
  • UmeshParulekar
    UmeshParulekar
    1 Post

    Re: Certificate based authentication and SSL two way handshake questions

    ‏2012-06-15T14:14:33Z  
    For the first part, For the Registry server there is no way to switch from Basic Authentication to Certificate based authentication other than reinstall. However if you have Registry server installed with Certificate based authentication, you can set it up to fall back to Basic Authentication (if certificate authentication fails). You can do it by setting a check box on the "Global Security" -> "Web security - General settings" on WebSphere console page.

    some of these links may help with the second question
    http://pic.dhe.ibm.com/infocenter/wasinfo/v8r0/index.jsp?topic=%2Fcom.ibm.websphere.nd.multiplatform.doc%2Finfo%2Fae%2Fae%2Fcsec_ssl_clientauth.html
    http://pic.dhe.ibm.com/infocenter/wasinfo/v8r0/index.jsp?topic=%2Fcom.ibm.websphere.nd.multiplatform.doc%2Finfo%2Fae%2Fae%2Ftsec_sslcreateselfsigncert.html
  • IvanIliev
    IvanIliev
    4 Posts

    Re: Certificate based authentication and SSL two way handshake questions

    ‏2012-06-18T08:15:30Z  
    For the first part, For the Registry server there is no way to switch from Basic Authentication to Certificate based authentication other than reinstall. However if you have Registry server installed with Certificate based authentication, you can set it up to fall back to Basic Authentication (if certificate authentication fails). You can do it by setting a check box on the "Global Security" -> "Web security - General settings" on WebSphere console page.

    some of these links may help with the second question
    http://pic.dhe.ibm.com/infocenter/wasinfo/v8r0/index.jsp?topic=%2Fcom.ibm.websphere.nd.multiplatform.doc%2Finfo%2Fae%2Fae%2Fcsec_ssl_clientauth.html
    http://pic.dhe.ibm.com/infocenter/wasinfo/v8r0/index.jsp?topic=%2Fcom.ibm.websphere.nd.multiplatform.doc%2Finfo%2Fae%2Fae%2Ftsec_sslcreateselfsigncert.html
    Thanks for the reply, I'll look into these and I'll ask again if i have any problems.