Administration Guide > TDV and SSL Authentication > Setting Up SSL > Setting Up Client Authentication for Web Data Sources
 
Setting Up Client Authentication for Web Data Sources
When Web data sources require client authentication, a keystore must be specified to identify the TDV Server to the provider. The TDV Server configuration keystore key alias has a default value that names a sample keystore, so that you can use client authentication immediately upon installation.
If the TDV configuration settings for keystore alias (or for keystore alias) are set to null, the method described below to comply with client authentication requirements is used for Web data sources. The TDV configuration to use a specific keystore key alias overrides keystore specification defined on individual data sources.
To specify a keystore to comply with client authentication requirements
1. Open the Web data source in Studio.
2. Click the Advanced tab in the New Physical Data Source window.
3. Click Import Certificate Key Store from File to import the certificate.
Studio displays a dialog to specify the certificate.
You can choose a JKS or PKCS12 certificate keystore for authentication between TDV and any Web data source that requires a trusted certificate.
4. If you want to remove a keystore file, select it from the list and click Clear Certificate Key Store.
5. If you want to export the current certificate keystore to a JKS or PKCS12 file, click Export Certificate Key Store to File.
6. Optionally, set the Channel Pass-through field to a name or names that correspond to values passed in the HTTP request header for login authentication or for other purposes.
The Channel Pass-through is a comma-separated list of the names of HTTP request header properties that are to be passed through to the WSDL, XML, or HTTP data source.
If the data source expects a property with a name different from what was originally sent in the HTTP request header, you can change the property name. Put the name expected by the data source on the left side of an equal sign, and the original property name on the right.
7. Optionally, on the Advanced tab, add one or more environment variables the Environment Pass-through field to pass through to the WSDL, XML, or HTTP data source for login authentication or other purposes.
You can set environment variable names and values by calling the SetEnvironment procedure. See the Info tab for /lib/util/SetEnvironment in the Studio resource tree, or the TDV Application Program Interface Guide, for more information.
Property names in the Environment Pass-through field can be renamed before they are passed to the data source, just as they can with channel pass-through.
8. Optionally, specify the Execution Timeout (msec) period for REST data sources.
Execution Timeout is the number of milliseconds that an execution query on the data source is allowed to run before it is canceled. A value of zero (default) disables execution timeout, which you can use, for example, for resource-intensive cache updates set to run at non-peak processing hours.