Integration Server uses client certificates only for HTTPS or FTPS requests. If a port is configured to request or require client certificates, Integration Server requests the client's certificate during the SSL handshake process, after the client authenticates the credentials presented by Integration Server. What happens next depends on how your server is configured and whether the port is HTTPS or FTPS.

Integration Server automatically checks for a mapped user for certificates received at HTTPS ports. For requests received at FTPS ports, Integration Server checks for mapped users if the watt.net.ftpUseCertMap server configuration parameter is set to true.

For more information about how client authentication works for an HTTPS port, refer to the Client Authentication field descriptions in Adding an HTTPS Port. For information about how client authentication works for an FTPS port, see How Client Authentication Works for FTPS Ports.

If you are going to configure one or more ports to require client certificates, you must import the client certificates you will accept and map them to the users that you want the clients to log in as.

If you do not configure any ports to require client certificates, you might want to import client certificates and map them to users so that clients presenting these certificates can automatically log on as those users.