• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Knute Snortum
  • Bear Bibeault
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Piet Souris
  • Ganesh Patekar
Bartenders:
  • Frits Walraven
  • Carey Brown
  • Tim Holloway

<sc:Trustore> is missing on server side's WSIT configuration file

 
Ranch Hand
Posts: 1738
12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
According to WSIT tutorial chapter 6 mutual certificate security, it demonstrates how to create a server side WSIT configuration file for mutual authentication.
It says make sure sc:KeyStore> is in the file. But why it does not have <sc:TrustStore> to authenticate the client?
This is an example I generated:
 
Creator of Enthuware JWS+ V6
Posts: 3288
296
Android Eclipse IDE Chrome
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am not sure what you are asking because in chapter 6 they explain how to secure the client and server, and this is the description of Mutual Certificates Security:

Mutual Certificates Security

The Mutual Certificates Security mechanism adds security via authentication and message protection that ensures integrity and confidentiality. When using mutual certificates, a keystore and truststore file must be configured for both the client and server sides of the application.

 
Himai Minh
Ranch Hand
Posts: 1738
12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for your reply.
When mutual authentication is used, the server should have a trust store to authenticate the client's certificate.
But in the previous example, after line 55, there is no <sc:trustStore>..... node on the server side's WSIT config file.

However in the client side's WSIT config file, there is a keyStore and trustStore like this as shown in chapter 6:

Simplified server side WSIT config file :
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!