In two-way SSL authentication, the SSL client application, which in this case is a web browser, verifies the identity of the SSL server application (RMS), and then the SSL server application verifies the identity of the SSL-client application.
Procedure
-
Follow the steps mentioned in the
Enabling One-way SSL Authentication in RMS to enable the SSL server verification, but do not restart RMS server yet.
-
In Studio Explorer, double click
to open it in the resource editor.
-
In the resource editor, click
Configure SSL.
The SSL Configuration for HTTPS Connections window is displayed.
-
In the
SSL Configuration for HTTPS Connections window, select the
Requires Client Authentication checkbox and click
OK.
-
In the BusinessEvents Studio, regenerate the BRMS project EAR file (RMS.ear) and save it at
BE_HOME/rms/project/. See
TIBCO BusinessEvents Developer's Guide for more details.
-
Restart the RMS server.
-
Open your web browser and import the
WSClientStore.p12
certificate file in the web browser from the location
BE_HOME/rms/config/security/. Refer to your web browser’s help on how to import certificate in it.
Result
To verify, type the URL
https://localhost/WebStudio/in the same web browser and press
Enter. No port is required as default SSL port is used. The web browser displays a confirmation window to select your SSL client certificate and send it to the SSL server. After that the web browser notifies you about the untrusted certificate from the SSL server.
Copyright © TIBCO Software Inc. All Rights Reserved.