How to setup SSL amp client auth for broker

Hi. I have been trying to setup SSL for client authentication using awcert in \wment41\bin. I’m doing this first on the webMethods install on my laptop (Win 2000), and then I will be doing it on Solaris.
There seems to be bits and pieces of info in the Admin & Analysis guide and in the html file Enterprise+Server+SSL+config.html

Has anyone been through this setup before ? What’s the recommended tool to sign the certificate on Win 2000? Does anyone have a summary checklist on what needs to be done ?

Regards,

Wayne

I have done it and funny you should ask. We set ours up last year and the certificates exire this weekend. I’m going to post about renewing them.

If you have questions, feel free to email me:

nigel_belanger@spartanstores.com

Take care…

Hi Nigel, thanks for the reply. If you can provide information on how to do this it would be great. Which document did you use ? What are the “gotchas” ?

Regards,

Wayne

Lindsey, thanks for the detailed information.
Where did you find the instructions on how to do this ?

We will be using Verisign for production. I was hoping to use self-signed certificates just for my own laptop.

Regards,

Wayne

webMethods Enterprise administration & Analysis Tools Chapter 10
There is no step by step instruction except where i did it above, just read all the manuals and start doing.

Lindsey, thanks very much. Your detailed instructions above will be a valuable reference.

Regards,

Wayne

Has anyone attempted to renew the expired certificates? What procedure did you guys follow?

Hey Wayne,

I have been trying to do exactly as you have mentioned above, and repeated the exact sequence as Lindsay has stated. My problem is when I try to set the SSL certificate file in the Enterprise Manager via the Server properties it gives me an empty dialog box with “Expired Certificates not shown” as the message at the bottom. I have been trying to work with a test certificate from Thawte for a small POC. Did you encounter a similar problem.

Rohit

Can we have multiple DNs in a single certificate

Well, Haven’t tried Multiple DNs, but certificate files generated using awcert are certificate storage, and they can store multiple certificates.