Apptivity Client Authentication with SSL using certificates
Apptivity Client Authentication with SSL using
CA certificates
This document applies to: Apptivity
Version and Release Number: 3.1
In an SSL connection, each side of a connection must have
a valid security certificate.
Each side of a connection sends the security certificate
to the other side.
Each side of the connection then sends encrypted information
from both its own and the other side?s certificate.
This process ensures that only the intended recipient can
decode the message. It also ensures that the data came from
the expected location, and not some other sender, and that
the message has not been tampered with somewhere along the way.
Additional to having the OrbixWebSSL packages on
the 1. place in the classpath
certificates needed for the SSL communication are:
Encrypted private key, user certificate and
Certificate Authority Certificate(CA Certificate).
To use SSL that information has to be available
for the Apptivity client and ComponentManager in
files with the format of Privacy Enhanced Mail with file
extension PEM.
Example of properties to set for the Component Manager
if the encrypted private key is in the file key.pem encrypted
with the password test, the CA Certificate in file Cacert.pem
and the user certificate in file rwecert.pem located in it's
working directory to enforce Client Authentication:
apptivity.naming.host=pcrwe2
apptivity.cmanager.host=pcrwe2
apptivity.ssl=true
apptivity.ssl.certificates=rwecert.pem,CAcert.pem
apptivity.ssl.clientAuthentication=true
apptivity.ssl.caCertificates=CAcert.pem
apptivity.ssl.privateKey=key.pem
apptivity.ssl.password=test
The properties inside the clients <project>.properties would than
look like:
apptivity.cfactory=resolve
apptivity.cfactory.name=cfactory-cfactory
apptivity.cfactory.url=
apptivity.naming=locate
apptivity.naming.host=pcrwe2
apptivity.naming.port=2804
apptivity.naming.nameroot=NS
apptivity.ssl=true
apptivity.ssl.clientAuthentication=true
apptivity.ssl.certificates=rwecert.pem,CAcert.pem
apptivity.ssl.privateKey=key.pem
apptivity.ssl.password=test
apptivity.ssl.caCertificates=CAcert.pem
The above description is based on tests made with
Apptivity 3.1 build 221 appearing Client Authentication
with SSL working fine.
References To Written Documentation or Other
KnowledgeBase Documents:
Apptivity Update Booklet
KB-19167 : Steps to create SSL certificates and keys for Apptivity