Hi Rajjaz, Could you explain why your solution superior to 2-way SSL?
thanks, Dimuthu On Tue, Jan 26, 2016 at 12:29 PM, Rajjaz Mohammed <raj...@wso2.com> wrote: > Hi all, > I have planned to Implement X509 certificate as IS authenticator. the > flow of authentication will be like described in below image[1]. > > Flow of X509 certificate authentication [2] > > 1. The client opens a connection to the server and asks the server to > authenticate itself. > 2. The server authenticates itself and -- optionally -- asks the > client to authenticate itself. Client authentication, while possible with > SSL, is seldom used in most SSL transactions. > 3. The client authenticates itself. If the client desires an encrypted > connection, it takes steps to establish one. > 4. The client begins the transaction. > > So, we generate a certificate for our sever and we will provide/issue it > to our clients, if our clients need to connect to our server they browser > must need to have that certificate. it will be one time configuration if > client set the certificate one time then he no need to care about > certificate. > > This is my basic Idea so If you have anything to add/change X509 > certificate authentication please ad in this thread. > > > [1] > [image: Inline image 1] > [2] > http://www.javaworld.com/article/2075188/learn-java/construct-secure-networked-applications-with-certificates--part-4.html > > > > > -- > Thank you > Best Regards > > *Rajjaz HM* > Associate Software Engineer > WSO2 Inc. <http://wso2.com/> > lean | enterprise | middleware > Mobile | +94752833834 > Email | raj...@wso2.com > LinkedIn | Blogger | WSO2 Profile > <http://wso2.com/about/team/mohammer_rajjaz/> > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Dimuthu Leelarathne Director WSO2, Inc. (http://wso2.com) email: dimut...@wso2.com Mobile : 0773661935 Lean . Enterprise . Middleware
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
