IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.


#TechXchangePresenter
 View Only
Back to discussions
Expand all | Collapse all

Why should we give PRIVATE key in setKeyAndChain service?

  • 1.  Why should we give PRIVATE key in setKeyAndChain service?

    Posted Sun July 15, 2012 08:12 PM

    Hi All,

    In SSL handshake, SSL server will send its digital certificate that contains its public key.

    Optionally server can request the client certificate from client.

    Client will send its public key digital certificate & CA certificate to the server.

    Doubt:

    Assume IS is going to invoke services in two more servers called A and B.

    “A” will accept the default certificates of the IS.

    But B will accept the certificate that is signed by their own CA.

    So before invoking the B server service, we will invoke the setKeyAndChain service and we will mention the absolute path of PRIVATE key. (This is what mentioned in the IS Admin pdf)

    Doubt is when we used to setKeyAndChain service why we are sending the PRIVATE key.

    In case if I misunderstood something here then please help me to understand.

    Thanks
    Devi


    #Integration-Server-and-ESB
    #webmethods-Protocol-and-Transport
    #webMethods


  • 2.  RE: Why should we give PRIVATE key in setKeyAndChain service?

    Posted Mon July 16, 2012 03:46 PM

    The private key won’t be sent to the other side.
    During SSL handshake, your public key will be sent to the other side. The other side will use it to encrypt session key. Once your system received the encrypted message, it will use your private key to decrypt the message.
    Without private key you won’t able to finish the handshake.


    #webMethods
    #Integration-Server-and-ESB
    #webmethods-Protocol-and-Transport


Related Content