Websphere 5.1 mutual authentication issue
843833Aug 29 2005 — edited Aug 29 2005All,
I have been developing a web service client with axis that calls a web service hosted by a third party. The axis client is invoked from a struts action class in a websphere application. The web service is called over SSL and uses a client certificate to authenticate the client call (bi-lateral / mutual authentication).
I have created a relevant key and trust store, set the appropriate properties and all the usual stuff. I developed a test client application initially, then integrated the client into our J2EE app in WSAD, on which, it works fine. The application has been deployed to websphere and now I get an "unklnown certificate" exception.
After adding the third parties root CA certificate to the servers client trust store, the error is now replaced with a 403 Forbidden error stating that the site requires a client certificate.
So I added the client certificate to the key store but this does not seem to make any difference.
Does anyone know of any settings that need to be made to the server instance that will make this work as in WSAD?
Thanks in advance
Todd.