M
Michael Jacobs
Guest
Hi Tim, Yes, it is possible, just not simple. The detailed client side instructions will depend on what type of client you have. In general the client will have to: 1) create a set of keys 2) obtain a signed certificate by CA by supplying them with the public key 3) configure the client to connect to the WSA's server using HTTPS and supply the configuration options for where the client's private key is, where the client's digital certificate is, and what the password is to the client's private key 4) The server side will need a copy of the CA's certificate so that it can validate the client's certificate when it is received by the server Have you changed the WSA's web.xml to specify a security constraint that requires a HTTPS connection? Otherwise the web application will accept either HTTP or HTTPS. That help? Mike J.
Continue reading...
Continue reading...