• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

<sc:Trustore> is missing on server side's WSIT configuration file

 
Himai Minh
Ranch Hand
Posts: 1361
7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
According to WSIT tutorial chapter 6 mutual certificate security, it demonstrates how to create a server side WSIT configuration file for mutual authentication.
It says make sure sc:KeyStore> is in the file. But why it does not have <sc:TrustStore> to authenticate the client?
This is an example I generated:
 
Frits Walraven
Creator of Enthuware JWS+ V6
Saloon Keeper
Pie
Posts: 2536
113
Android Chrome Eclipse IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am not sure what you are asking because in chapter 6 they explain how to secure the client and server, and this is the description of Mutual Certificates Security:
Mutual Certificates Security

The Mutual Certificates Security mechanism adds security via authentication and message protection that ensures integrity and confidentiality. When using mutual certificates, a keystore and truststore file must be configured for both the client and server sides of the application.
 
Himai Minh
Ranch Hand
Posts: 1361
7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for your reply.
When mutual authentication is used, the server should have a trust store to authenticate the client's certificate.
But in the previous example, after line 55, there is no <sc:trustStore>..... node on the server side's WSIT config file.

However in the client side's WSIT config file, there is a keyStore and trustStore like this as shown in chapter 6:

Simplified server side WSIT config file :
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic