Two-Way SSL Authentication

The identities of the client and server are both represented by digital certificates in two-way SSL.

Currently, Salesforce supports both self-signed and CA-signed certificates. To configure the two-way SSL authentication, perform the following steps:

Procedure

  1. Log on to Salesforce.com and click Build > Create > Workflow & Approvals > Outbound Messages from the left panel.
    All outbound messages are displayed in the All Outbound Messages panel.
  2. Click the one you want to use.
    The Workflow Outbound Message Detail panel is displayed.
  3. Right-click Click for WSDL, next click Save Link As.
  4. Type a file name or accept the default name to save the .wsdl file to your local directory.
  5. Copy the .wsdl file into your project.
  6. Configure Keystore Provider.
  7. Configure SSL Server.
    1. Select the Enable Mutual Authentication check box in the Basic SSL Server Configuration panel.
    2. Select required from the Client Auth Type list.
  8. Specify HTTP Connector and select the Confidentiality check box in the Security panel.
    Note: See TIBCO ActiveMatrix BusinessWorks Bindings and Palettes Reference on how to configure Keystore Provider, SSL Server and HTTP Connector.
  9. Click and configure the Salesforce Outbound Message Listener starter in the Process editor:
    1. Click the Choose/Create Default Resource icon to select the http connection you just created. Click OK.
    2. Click the Select Outbound wsdl file from workspace icon beside the WSDL field to select the .wsdl file imported. Click OK.
  10. Click File > Save.