IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.


#TechXchangePresenter
 View Only
Back to discussions
Expand all | Collapse all

Certificate Authentication in Trading Networks Partner communication

  • 1.  Certificate Authentication in Trading Networks Partner communication

    Posted Sat June 14, 2014 07:44 AM

    Hi Experts,

               I am using wm IS 8.2.2. I have created private key and corresponding self signed certificate using OpenSSL. I have specified the certificate and private key in Enterprise Profile's Certificates/SSL Client tab. I didn't specify in my partner profile. I want to know the cases where and when the Authentication will be done in document exchange.

    Do i need to change anything more…?

    Thanks.


    #B2B-Integration
    #Integration-Server-and-ESB
    #webMethods


  • 2.  RE: Certificate Authentication in Trading Networks Partner communication

    Posted Mon June 16, 2014 03:04 PM

    IF you are giving your HTTPS url to the TP related to the cert you have configured on the Sender profile the TP may need your public/CA cert loaded for the handshaking or auth to work reaching your URL incase the request coming to the TN for example AS2 etc…

    HTH,
    RMG


    #webMethods
    #B2B-Integration
    #Integration-Server-and-ESB


  • 3.  RE: Certificate Authentication in Trading Networks Partner communication

    Posted Tue June 17, 2014 03:10 AM

    Thanks for your response “rmg”,

                                            Here we have 2 Integration servers & are exchanging documents (xml) through Trading Networks. In my Enterprise Profile, i have configured certificate and private key. My partner is sending documents to me (via Immediate Delivery using Primary HTTP). While sending i want to provide authentication using certificate.Please Tell me, what changes i need to do.

    #B2B-Integration
    #webMethods
    #Integration-Server-and-ESB


  • 4.  RE: Certificate Authentication in Trading Networks Partner communication

    Posted Wed June 18, 2014 08:48 AM

    Hi Akash,

    Please correct me if I misunderstood your query.

    1. You want to test message encryption and client authentication using self-signed certificate.

    B2B communications are mostly secure. It is must to communicate over SSL for EDIINT, SWIFT and other eStandards while message encryption is optional.

    Steps to make it happen:

    1. Define Enterprise with certificate. Depending on capability of cert, set Sign/Verify, Encrypt/Decrypt, SSL.
    2. Define Partner TN with Certificate. Depending on capability of cert, set Sign/Verify, Encrypt/Decrypt, SSL.
    3. Your partner and your enterprise have to define each other profiles in TN with certificates. [Assuming you have exchanges your certificate with complete cert chain]
    4. Assuming you set HTTPS port:

    Security Configuration
    Client Authentication Require Client Certificates
    Listener Specific Credentials (Optional)
    Keystore Alias XXX_pk
    Key Alias enterprise_pk
    Truststore Alias partners_cacerts

    HTH.

    Thanks,
    Rankesh

    P.S. Please cross-verify in TN admin guide, in case I missed something.


    #Integration-Server-and-ESB
    #B2B-Integration
    #webMethods


Related Content