Prerequisites to Configuring a Port for SSL
Before configuring an HTTPS, FTPS, or e-mail port, you must configure the server to use SSL and obtain the certificates that the server uses to validate client certificates. In addition, for two-way SSL authentication (server also authenticates client), the certificate for the partner application must have an Integration Server certificate mapping.
Obtain CA certificates. These are the trusted root certificates that the server uses to validate client certificates. One way to obtain these certificates is to extract them from a web browser. Most web browsers that support SSL are shipped with the certificates of well-known certificate authorities. Make sure the certificates are in DER format; if not, convert them to DER format using your certificate management tool (such as Java
keytool).
Configure a certificate mapping for the partner application or resource. If the partner application or resource that exchange information with
Integration Server must be authenticated using SSL, then that partner or resource must have a certificate mapping. These certificates should be stored in the truststore and an alias created for the truststore prior to using them with
Integration Server. For information, see
Authenticating Clients.