You can create a Secure Sockets Layer (SSL) configuration
that describes the settings for a service request that uses SSL certification
mechanisms. SSL configurations can be associated with any service
request that uses the HTTP or IBM® WebSphere® MQ transport protocols.
Before you begin
If you are using SSL, ensure that you have valid certificate
keystore files in your workspace.
If you are using SOAP security,
ensure that you have configured the environment with the correct libraries
and configuration files. See Configuring the environment for SOAP security for
more information.
About this task
If you have to use different mutual SSL authentications for
virtual testers in a test, you can create a datapool that stores all
of the trust aliases names. In the test editor, in the
SSL
Configuration tab, you add a SSL configuration and associate
it with the datapool. When a schedule is run, the SSL configuration
is applied to each virtual tester.
Procedure
- Click the Generic service client toolbar push button to open the generic service
client, and click the Transport tab.
- Either open an existing HTTP or WebSphere MQ transport configuration, or
create a new one, and then click Configure SSL.
- Click Rename to rename
the default SSL configuration or New to
create one.
- Specify the following settings for the SSL configuration.
- Server Authentication
- This section describes how the client trusts the server.
- Always trust server
- Select this option if no authentication is required or to ignore
server certificates so that all servers are trusted. If you are using
single authentication and you want to accept trusted servers only,
then disable this option and specify a truststore that contains the
trusted server certificates.
- Client truststore
- When you are using single authentication, the client truststore
contains the certificates of all trusted servers. Click Browse to
specify a KS, JKS, or JCEKS file containing valid certificates of
the trusted servers.
- Password
- If the client truststore file is encrypted, type the password
required to access the file.
- Mutual Authentication
- This section describes how the server trusts the client in addition
to server authentication.
- Use client-side certificate
- If you are using double authentication, select this option to
specify a keystore containing the client certificate. This certificate
allows the server to authenticate the client.
- Client certificate keystore
- Click Browse to specify a KS, JKS, or JCEKS
file containing a valid certificate that authenticates the client.
- Password
- If the client truststore file is encrypted, type the password
required to access the file.
- Select trust alias for Mutual Authentication
- Select an alias to be used for the SSL configuration. There could
be multiple aliases in a keystore for different security certificates.
Choose an appropriate alias for a user. You can also use datapool
to store aliases that you can apply to virtual users at run time.
Note: You can copy the contents from an SSL configuration
into another SSL configuration by using
Copy and
Paste in
the SSL editor.
- Click OK to create the configuration,
and close the SSL editor.
What to do next
When the SSL configuration is created, you can use the SSL
configuration with any service request that uses SSL certification.
You can use the SSL editor to edit existing configurations.