Configuring Two-Way SSL Authentication

The two-way SSL authentication configuration is only used when the plug-in authenticates the connected Microsoft SharePoint server and the connected Microsoft SharePoint server also authenticates the plug-in.

Note: If you want to use a two-way SSL authentication to secure the message exchange between the plug-in and Microsoft SharePoint server, ensure that you select the Enable Mutual Authentication check box in the Basic SSL Server Configuration panel.

Procedure

  1. Generate a keystore file in the PKCS #12 format that contains a valid certification for the client.
    For example,

    Keytool -importkeystore -destkeystore identity.jks -deststorepress password -srckeystore identity.p12 -srcstoretype PKCS12 -srcstorepass password

  2. Specify the x509 certificate FQDN on the Configuration page of the Notification Configuration Management tool.

    See SharePoint HTTP Notification Configuration Management Tool for more information.

  3. Configure the SSL server authentication for the SSL Server Configuration shared resource in TIBCO Business Studio:
    1. Export the certification, and save it in the .cer format, and then import the .cer file to the Trust Store.
    2. Select the Enable Mutual Authentication check box in the created SSL Server Configuration shared resource, as described in Configuring One-Way SSL Authentication.
    3. In the Client Auth Type field, select required to establish a two-way SSL authentication.
    4. In the Keystore Provider as Trust Store field, click to select a Keystore Provider resource.
      The selected Keystore Provider resource provides access to a trust store. The plug-in accesses the keystore to verify the identity of the connected Microsoft SharePoint server.

      If no Keystore Provider resource is available, click Create Shared Resource to create one. See Creating a Keystore Provider Resource for more details.