One-Way and Two-Way SSL Authentication
The Broker security model allows you to implement one-way or two-way SSL authentication between the Broker Server and a client.
* One-way SSL authentication. The client has a truststore but no keystore. Configuring the client for one-way SSL authentication establishes a much higher level of security than a non-SSL connection. In one-way authentication, the client authenticates the identity of the Broker Server, which must be guaranteed through the Broker Server’s SSL certificate before a connection is made.
You can also configure basic authentication with one-way SSL authentication. For more information, see Securing Broker Server Using Basic Authentication Over SSL.
* Two-way SSL authentication. The client has both a keystore and a truststore. If you configure the client for two-way SSL authentication, so that both the Broker Server and the client connecting to it must be SSL authenticated, you can fully implement the Broker security model. You can then configure ACLs to protect data and access to Broker administrative functions. With two-way authentication, each client must be associated with a signed digital certificate in order to establish an SSL connection.
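
The truststore-only versus keystore-plus-truststore distinction above, shown with the standard Java JSSE classes. This is an added example, not Broker code or the Broker client API; the class name, the file arguments and the TRUSTSTORE_PASS / KEYSTORE_PASS environment variables are assumptions.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public class SslModes {
    // Load a keystore or truststore file using the JVM's default keystore type.
    static KeyStore load(Path file, char[] password) throws Exception {
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(file)) {
            store.load(in, password);
        }
        return store;
    }

    // keyStore == null -> one-way: the client only verifies the server certificate.
    // keyStore != null -> two-way: the client can also present its own certificate.
    static SSLContext clientContext(Path trustStore, char[] trustPass,
                                    Path keyStore, char[] keyPass) throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load(trustStore, trustPass)); // CAs trusted to sign the server certificate

        KeyManager[] keyManagers = new KeyManager[0]; // one-way: no client identity
        if (keyStore != null) {
            KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(load(keyStore, keyPass), keyPass); // assumes key password == store password
            keyManagers = kmf.getKeyManagers();
        }
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(keyManagers, tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Usage (hypothetical): java SslModes <truststore> [<keystore>]
        Path trust = Path.of(args[0]);
        Path key = args.length > 1 ? Path.of(args[1]) : null;
        char[] trustPass = System.getenv().getOrDefault("TRUSTSTORE_PASS", "").toCharArray();
        char[] keyPass = System.getenv().getOrDefault("KEYSTORE_PASS", "").toCharArray();
        SSLContext ctx = clientContext(trust, trustPass, key, keyPass);
        System.out.println(ctx.getProtocol() + ": " + (key == null ? "one-way" : "two-way"));
    }
}
```

A keystore on the client only matters when the server requests a client certificate during the handshake; with a truststore alone, the client has no identity to present.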