Creating SSL configurations

You can create a Secure Sockets Layer (SSL) configuration that describes the settings for a service request that uses SSL certification mechanisms. SSL configurations can be associated with any service request that uses the HTTP or IBM® WebSphere® MQ transport protocols.

Before you begin

If you are using SSL, ensure that you have valid certificate keystore files in your workspace.

If you are using SOAP security, ensure that you have configured the environment with the correct libraries and configuration files.

About this task

If you have to use different mutual SSL authentications for virtual testers in a test, you can create a dataset that stores all of the trust aliases names. In the test editor, in the SSL Configuration tab, you add a SSL configuration and associate it with the dataset. When a schedule is run, the SSL configuration is applied to each virtual tester.

Procedure

  1. Click the Generic service client Open the generic service client toolbar push button to open the generic service client, and click the Transport tab.
  2. Either open an existing HTTP or WebSphere® MQ transport configuration, or create a new one, and then click Configure SSL.
  3. Click Rename Rename to rename the default SSL configuration or New New to create one.
  4. Specify the following settings for the SSL configuration.
    Server Authentication
    This section describes how the client trusts the server.
    Always trust server
    Select this option if no authentication is required or to ignore server certificates so that all servers are trusted. If you are using single authentication and you want to accept trusted servers only, then disable this option and specify a truststore that contains the trusted server certificates.
    Client truststore
    When you are using single authentication, the client truststore contains the certificates of all trusted servers. Click Browse to specify a KS, JKS, or JCEKS file containing valid certificates of the trusted servers.
    Password
    If the client truststore file is encrypted, type the password required to access the file.
    Mutual Authentication
    This section describes how the server trusts the client in addition to server authentication.
    Use client-side certificate
    If you are using double authentication, select this option to specify a keystore containing the client certificate. This certificate allows the server to authenticate the client.
    Client certificate keystore
    Click Browse to specify a KS, JKS, or JCEKS file containing a valid certificate that authenticates the client.
    Password
    If the client truststore file is encrypted, type the password required to access the file.
    Select trust alias for Mutual Authentication
    Select an alias to be used for the SSL configuration. There could be multiple aliases in a keystore for different security certificates. Choose an appropriate alias for a user. You can also use dataset to store aliases that you can apply to virtual users at run time.
    Note: You can copy the contents from an SSL configuration into another SSL configuration by using Copy Copy and Paste Paste in the SSL editor.
  5. Click OK to create the configuration, and close the SSL editor.

What to do next

When the SSL configuration is created, you can use the SSL configuration with any service request that uses SSL certification. You can use the SSL editor to edit existing configurations.