Versions Compared

Old Version 1

changes.mady.by.user Petteri Kivimäki

Saved on

compared with

New Version 2

changes.mady.by.user Petteri Kivimäki

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

Before starting the configuration steps, please make sure that you have you have access to the backend information system’s client certificate that’s used for TLS authentication.

A self-signed certificate can be generated using the command below:

Code Block
openssl req -x509 -newkey rsa:2048 -keyout mykey.pem -out mycert.pem -days 365 -nodes

The command generates a private key (mykey.pem) and a certificate (mycert.pem).

Prerequisites

Before starting the actual configuration steps, the certificate ID of the backend system’s client certificate must be constructed.

...

  1. Create a new plugin user using the “Certificate” type.

    1. Image RemovedImage Added

  2. Type in the Plugin User details - including the certificate ID.

    1. Image RemovedImage Added

  3. Click OK and then Save.

  4. Import the backend information system’s client certificate to the Access Point’s TLS truststore following these instructions.

  5. Send a test request using the Original User and its certificate. For example:

    1. Code Block
      curl -E <MY_CERT>.pem --key <MY_KEY>.pem --header "Content-Type: text/xml;charset=UTF-8" --data @<MY_REQUEST_FILE>.xml https://<MY_AP_HOST>:8443/services/backend -v -k

...