Restriction: This topic applies only when the Enterprise Server feature is enabled.
You can configure that any clients that communicate with your server must supply a certificate. This sets up SSL links for peer-to-peer communication (as opposed to client/server communication)
To request or require a certificate from clients who communicate with your server:
- Connect to ES Admin, for example by entering
http://localhost:86 in your Web browser.
- Select the enterprise server you want, such as ESDEMO. Stop it if it is started, and then click
Edit.
- Go to the
Listeners page.
- Select the HTTPS listener you want (if you can't see the one you want, set the
Process filter to
All), and click
Edit
.
- Check
Secure Sockets Layer.
- Click
SSL Options and then:
- Check the appropriate option to request or require client certificates.
- Enter the CA root certificate of the CA who signed the client cerificate.
If the CA who signed the client's certificate is not trusted, communication is prevented. If you want to trust the signing CA, you can add it to your trusted CAs by updating the relevant certificates options in your browser.