Supported SSL Authentication Types
Integration Server supports one-way and two-way SSL authentication types. In both authentication types, the SSL server sends a certificate. In two-way authentication, during the SSL handshake, the SSL server requests a client certificate from the SSL client.
In a
one-way SSL authentication, an anonymous client authenticates the credentials of a server in preparation for setting up a secure transaction. In most cases, the server knows nothing about the client's identity because verification of its credentials is not required. When desired, however the client can be authenticated by means such as basic username/password.
This type of authentication typifies connections where a browser establishes a connection to an Internet server to perform a secure transaction (for example, viewing a savings account, or buying items with a credit card). The client must authenticate the server's credentials before initiating the transaction, but it is not necessary (nor would it be practical) for the server to authenticate and keep a record of every possible client (browser).
For Integration Server, this type of connection is typically one where a partner application or resource needs to verify the authenticity of the Integration Server without itself needing to be authenticated.
In a
two-way SSL authentication, both client and server must authenticate each other's credentials before an SSL connection is established and information can be exchanged.
Unlike a one-way SSL authentication, both Integration Server and the partner application or resource require access to each other's SSL certificates in order to authenticate each other, establish an SSL connection, and transmit information. Compared to a one-way connection, a two-way SSL connection provides a much higher level of security.