Configuring Integration Server to Use One-way SSL
To configure
Integration Server for one-way SSL authentication
1. Using OpenSSL, create a self-signed certificate (mediator.cer) with the following command:
openssl req -new -x509 -days 2000 -sha1 -newkey rsa:1024 -nodes
-keyout server.key -out server.crt -subj "/O=Company/OU=Unit/CN=localhost"
Whatever is specified in the CN section of the subject must match the hostname of the machine running the Mediator and is used to send requests to Mediator.
2. Create at least one keystore mediatorkeystore.jks, in PKCS#12 or JKS format, containing an Integration Server key pair to use for SSL and its corresponding key alias.
C:\deploykeystores\new>keytool -v -genkeypair -alias mediator
-keyalg RSA -validity 1000 -keystore mediatorkeystore.jks
Enter keystore password:
Re-enter new password:
What is your first and last name?
What is the name of your organizational unit?
What is the name of your organization?
What is the name of your City or Locality?
What is the name of your State or Province?
What is the two-letter country code for this unit?
Enter key password for <mediator>
<RETURN if same as keystore password>:
[Storing mediatorkeystore.jks]
C:\deploykeystores\new>
3. Export the Mediator's self-signed certificate mediator.cer into the CentraSite's truststore.
4. Configure an HTTPS port and specify the client authentication to Username/Password. The server prompts the client for a user ID and password.
5. On the Ports screen, click Edit to change the Access Mode. You may Set Access Mode to Allow by Default or Reset to default access settings.
For more information on configuring ports and client authentication, see webMethods Integration Server Administrator’s Guide.
6. Restart Integration Server.