Yep, I’m looking for trust between my webserver and Appserver w/o client authentication. I’m not worried about trust between my web browser and webserver as I’m not looking for that now.
Warm Regards, Naveen Kumar Reddy N IBM Middleware WAS-MQ Tower Lead ( WalMart ) Toll Free Number - 866-912-0282(B),855-755-9356(H) Mail: nkna...@wal-mart.com<mailto:nkna...@wal-mart.com> SLACK Channel:: middleware_l2 [cid:image001.jpg@01D26CB2.5110A6F0] Middleware ServiceNow Service Catalog Task Policy:: https://collaboration.wal-mart.com/display/IPSMW/Service+Now+Service+Task+Catalog+Policy Middleware ServiceNow Change Control Policy :: https://collaboration.wal-mart.com/display/IPSMW/Change+Control+Policy Middleware Customer Page:: https://teams.wal-mart.com/sites/Middleware/Customers/Pages/default.aspx From: Eric Covener [mailto:cove...@gmail.com] Sent: Sunday, February 11, 2018 12:39 PM To: users@httpd.apache.org Subject: EXT: Re: [users@httpd] Mutual authentication between Apache HTTP server and an application server. On Sun, Feb 11, 2018 at 1:33 PM, Naveen Nandyala - Vendor <naveen.nandy...@walmart.com<mailto:naveen.nandy...@walmart.com>> wrote: On Apache I’m using 3rd party signed certificate. And I’ve added Apache root certificate to WAS truststore to trust my Apache. Similar way I want to add my WAS certificate to Apache to trust my Application server. On WAS end I’m having a self-signed certificate. Below two parameters determine my Apache server certificate this contains certificate of my virtual which end user access. SSLCertificateFile /u/applic/tc/HTTP/config/ssl/virtual.pem SSLCertificateKeyFile /u/applic/tc/HTTP/config/ssl/virtual.key I’m struckup on how can I add my websphere certificate on to Apache truststore. Earlier I was using IBM HTTP server and Plugin instead of Apache where I’ve kdb file where I used to add Websphere server personal certificate to signer certificates of HIS in kdb file. But in Apache as I use pem and key files unable to find exactly where I can add websphere certificate for mutual authentication. From Apache documentation I see it doesn’t support encrypted private keys. You seem to be jumping back and forth between distinctly different problems. I suggest tackling one problem at a time, e.g. getting the trust right w/o client authentication.