How to create a service that can call the HTTPS?
I defined my certificate in " security-> certificates-> configure customer certificates " >> certificat.cer
I would like to know how to request HTTPS.
I read that it was necessary to make:
1 °) To Use the service pub.security:setKeyAndChain
2 °) Make a http requete normal with pub.client:http
3 °) To Use the service pub.security:setKeyAndChain
How works pub.security:setKeyAndChain because I do not understand what I have to put in privKeyFile and certFiles ?
Thank you for your help.
Maxime: I recomend you to read 8-0-SP1_Administering_Integration_Server.pdf chapter 14.
Step1) Create a keystore with the keytool command.
Step2) Export the certificate .cer (keytool)
Step4) Import the certificate into the trustStore (keytool)
Step3) Configure a keystore and trustStore in IS.
Read the chapter, do this things and come back for more help in case you need it.
I am trying to set a Client Certificate with setKeyAndChain.
I generated and self-signed the keys with openssl following the instructions at http://codeghar.wordpress.com/2008/0…-with-openssl/. Then I converted them to DER format and imported them to the local windows “Trusted Root Certification Authorities” keystore ,.
From my opinion everything looks ready for the two-way handshake (the one-way handshake works if the partner abandons the client certificate).
But I always get a “java.io.IOException: iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: certificate unknown” exception.
Is there a HowTo that describes the creation of self-signed certs and the use of the setKeyAndChain service? Could you please describe step by step if not?
Thanks in advance,