Certificate Authentication in Trading Networks Partner communication

Hi Experts,

I am using wm IS 8.2.2. I have created a private key and a corresponding self-signed certificate using OpenSSL. I have specified the certificate and private key in the Enterprise Profile's Certificates/SSL Client tab. I didn't specify them in my partner profile. I want to know where and when the authentication will be done in document exchange.

Do I need to change anything more…?

Thanks.

If you are giving your HTTPS URL to the TP, related to the cert you have configured on the Sender profile, the TP may need your public/CA cert loaded for the handshake or auth to work when reaching your URL, in case the request is coming to the TN, for example AS2 etc…

HTH,
RMG

Thanks for your response “rmg”,

Here we have 2 Integration Servers that are exchanging documents (XML) through Trading Networks. In my Enterprise Profile, I have configured the certificate and private key. My partner is sending documents to me (via Immediate Delivery using Primary HTTP). While sending, I want to provide authentication using the certificate. Please tell me what changes I need to make.

Hi Akash,

Please correct me if I misunderstood your query.

  1. You want to test message encryption and client authentication using a self-signed certificate.

B2B communications are mostly secure. It is a must to communicate over SSL for EDIINT, SWIFT and other eStandards, while message encryption is optional.

Steps to make it happen:

  1. Define Enterprise with certificate. Depending on capability of cert, set Sign/Verify, Encrypt/Decrypt, SSL.
  2. Define Partner TN with Certificate. Depending on capability of cert, set Sign/Verify, Encrypt/Decrypt, SSL.
  3. Your partner and your enterprise have to define each other's profiles in TN with certificates. [Assuming you have exchanged your certificate with the complete cert chain]
  4. Assuming you set HTTPS port:

Security Configuration
  Client Authentication: Require Client Certificates

Listener Specific Credentials (Optional)
  Keystore Alias: XXX_pk
  Key Alias: enterprise_pk
  Truststore Alias: partners_cacerts

HTH.

Thanks,
Rankesh

P.S. Please cross-verify in TN admin guide, in case I missed something.
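
An added example, not part of any post in this thread and not webMethods configuration: it uses OpenSSL to show the trust relationship that "Require Client Certificates" depends on when the certificates are self-signed. A PEM bundle stands in for the `partners_cacerts` truststore and a PKCS#12 file for the keystore (both assumptions); the CNs, file names and password are constructed.

```shell
#!/bin/sh
# Added example (not from the thread). CNs, file names and the password are
# constructed; partners.pem is a PEM stand-in for the partners_cacerts truststore.

# Create a self-signed certificate and key: $1 = file prefix, $2 = subject CN.
make_self_signed() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$2" \
        -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

# Package key and certificate as PKCS#12 under a key alias: $1 prefix, $2 alias.
make_keystore() {
    openssl pkcs12 -export -inkey "$1.key" -in "$1.crt" -name "$2" \
        -passout pass:changeit -out "$1.p12"
}

# Print the alias (friendlyName) stored in a PKCS#12 file.
keystore_alias() {
    openssl pkcs12 -in "$1" -passin pass:changeit -nokeys 2>/dev/null |
        sed -n 's/^ *friendlyName: *//p' | head -n 1
}

# Succeeds only if the truststore bundle ($1) vouches for the certificate ($2).
trusted_by() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Build the scenario from the thread in a scratch directory and print its path.
setup_demo() {
    d=$(mktemp -d) || return 1
    make_self_signed "$d/enterprise" "enterprise.example" || return 1
    make_self_signed "$d/partner" "partner.example" || return 1
    make_self_signed "$d/stranger" "stranger.example" || return 1
    make_keystore "$d/enterprise" enterprise_pk || return 1
    # A self-signed certificate has no issuing CA, so the partner's certificate
    # itself must be imported into the receiving side's truststore.
    cp "$d/partner.crt" "$d/partners.pem"
    echo "$d"
}

demo_dir=$(setup_demo) || exit 1
for who in partner stranger; do
    if trusted_by "$demo_dir/partners.pem" "$demo_dir/$who.crt"; then
        echo "$who: accepted by truststore"
    else
        echo "$who: rejected, certificate not in truststore"
    fi
done
echo "key alias: $(keystore_alias "$demo_dir/enterprise.p12")"
```

The scratch directory printed by `setup_demo` holds private keys and should be removed after the run.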