Previous Topic: Use SSL with Multiple CertificatesNext Topic: Using HTTPS Communication with the DevTest Console


Mutual (Two-Way) Authentication

You can configure DevTest so that the server and client both need to authenticate each other. This type of authentication requires you to set a property on the server side:

lisa.net.clientAuth=true

In addition to each client needing a server certificate in the client trustStore, the server component needs a client certificate for each client in the server trustStore:

serverA>keytool -importcert -alias clientX -file clientX.cer -keystore trustStore.ts 
serverA>keytool -importcert -alias clientY -file clientY.cer -keystore trustStore.ts

If clientZ attempts to connect to serverA, the connection fails because serverA does not have the clientZ certificate in the serverA trustStore. This failure occurs even though clientZ has the serverA certificate in the clientZ trustStore.