Enabling Two-way SSL Authentication in RMS
In two-way SSL authentication, the SSL client application, which in this case is a web browser, verifies the identity of the SSL server application (RMS), and then the SSL server application verifies the identity of the SSL-client application.
- Procedure
- Follow the steps mentioned in the Enabling One-way SSL Authentication in RMS to enable the SSL server verification, but do not restart RMS server yet.
- In Studio Explorer, double-click to open it in the resource editor.
- In the resource editor, click
Configure SSL.
The SSL Configuration for HTTPS Connections window is displayed.
- In the SSL Configuration for HTTPS Connections window, select the Requires Client Authentication checkbox and click OK.
- In the BusinessEvents Studio, regenerate the BRMS project EAR file (RMS.ear) and save it at BE_HOME/rms/project/. See TIBCO BusinessEvents Developer's Guide for more details.
- Restart the RMS server.
- Open your web browser and import the WSClientStore.p12 certificate file in the web browser from the location BE_HOME/rms/config/security/. Refer to your web browser’s help on how to import certificate in it.
ResultTo verify, type the URL
https://localhost/WebStudio/
in the same web browser and press
Enter. No port is required as default SSL port is used. The web browser displays a confirmation window to select your SSL client certificate and send it to the SSL server. After that the web browser notifies you about the untrusted certificate from the SSL server.