Not sure if this belongs in security or websphere but i'll go with WebSphere as I think the client-cert issues may be exclusive to WAS. Current environment is WAS 4.0.7 and IHS 220.127.116.11 on both XP and AIX (servers reside on the same box). We have an application, specifically an Axis based web service, that can easily be secured using <auth-method>basic</auth-method>. What needs to be updated/changed to get <auth-method>client-cert</auth-method> to work? Is there config that must be done to IHS (beyond enabling SSL) - or is this solely a WAS config issue? Furthermore, which certs need to be where (assuming that we also have a java client). Does anyone have instructions on how to do this? Does anyone know if this is easier to do in WAS 5.1 than WAS 4.0.7?
Don't count your weasels before they've popped. And now for a mulberry bush related tiny ad: