Mutual authentication between asp.net and WAS application (Java)

views:

answers:

+2 Q:

Mutual authentication between asp.net and WAS application (Java)

I'm building a .net application that needs to consume a WAS (Java) based web service using SSL and mutual authentication.

Any pointers on how to go about doing this?

I know that somehow I need to create private and public certificates for both the server and client and that I need to install the public certificate for the server somewhere on the client and the public certificate of the client somewhere on the server.

I'm looking for .net code that shows how to make the call using the server public key. I'm also wondering if there is anything special that needs to be done when consuming a Java web service using .net.

You can envelope them with a SOAP request that can be sent over an SSL pipe.

Voulnet 2010-09-02 20:19:28

Do you know of any links that show how to do that? The SSL part doesn't sound too bad, but the exchanging of certificates is what I'm not so clear on.

metanaito 2010-09-02 20:31:02

Voulnet 2010-09-02 21:00:50

You need to put more details, so I'll be brief. You might need to use a random number and a hash or HMAC of that hash, or just a random number that is signed and/or encrypted using the private key of each entity, or better yet generate a part of the symmetric key which is encrypted by an entity using the other's private key. Anyways, explaining this might take a long time and deviate from your goal, so Google the WS-Security headers for SOAP. You WILL find your answer rather swiftly if you have a clear idea about your mutual authentication method.

Voulnet 2010-09-02 21:04:20

ansaurus

tags:

views:

answers:

Mutual authentication between asp.net and WAS application (Java)

related questions