Using TIBCO ActiveMatrix BPM as the Authority for SSO Authentication

In a production environment, the client application will use its own processes and tools to generate the required certificates and keystores for SSO authentication.

Warning: The information in this section is provided only as an example, intended for development purposes. It should not be used as the basis of an SSO implementation in a production environment.

However, when you are prototyping or testing a client application that uses SSO authentication, you may want to generate certificates independently, without using the full production environment mechanisms.

In this situation, TIBCO ActiveMatrix BPM can act as its own certificate authority (CA).The following sections outline the steps required.

Note: To perform the steps described in the following sections, you must:
  • use suitable external tools to generate key pairs and keystores, and to generate and sign CA keys and certificates.
  • use TIBCO ActiveMatrix Administrator to configure the TIBCO ActiveMatrix runtime applications, resource instances (RI) and resource templates (RT) needed to access these keystores and certificates.