http://ab.edge-technologies.com/docs/index.php?action=history&feed=atom&title=Appboard%2F2.4%2Fadmin%2Fclient_certificatesAppboard/2.4/admin/client certificates - Revision history2026-05-22T14:00:03ZRevision history for this page on the wikiMediaWiki 1.38.4http://ab.edge-technologies.com/docs/index.php?title=Appboard/2.4/admin/client_certificates&diff=7644&oldid=previmported>Jason.nicholls: Created page with '{{DISPLAYTITLE:Client Certificates / Client Authentication}} Category:AppBoard 2.4 ==Overview== Most people are familiar with secure web sites, sites that begin with the addr...'2014-09-05T13:02:56Z<p>Created page with '{{DISPLAYTITLE:Client Certificates / Client Authentication}} <a href="/docs/index.php?title=Category:AppBoard_2.4&action=edit&redlink=1" class="new" title="Category:AppBoard 2.4 (page does not exist)">Category:AppBoard 2.4</a> ==Overview== Most people are familiar with secure web sites, sites that begin with the addr...'</p>
<p><b>New page</b></p><div>{{DISPLAYTITLE:Client Certificates / Client Authentication}}<br />
[[Category:AppBoard 2.4]]<br />
==Overview==<br />
Most people are familiar with secure web sites, sites that begin with the address <tt>https</tt>, that use certificates signed by authorities trusted to ensure the site is who it says it is. Lesser known is the server can request the client return a certificate to authenticate the client - this is known as (SSL) ''Client Authentication''<br />
<br />
AppBoard fully supports SSL Client Authentication and the main components to configure are:<br />
<br />
# Update Tomcat to enable client authentication<br />
# Create/Import Java Truststore used by the server to validate the client certificates.<br />
# (optionally) AppBoard may be customized to use this information beyond Tomcat validating the SSL session.<br />
<br />
== Tomcat Configuration ==<br />
<br />
# Enable client authentication by editing <tt>[INSTALL_HOME]/server/conf/server.xml</tt> and adding the following parameters to the eportal Connector:<br />
#: <tt>clientAuth="true"</tt><br />
#: <tt>truststoreFile="''full_path_to_truststore_file''"</tt><br />
#: <tt>truststorePass="''password_for_truststore_file''"</tt><br />
# Create a Java Truststore file in JKS format, alternatively PKCS11 and PKCS12 are supported by setting the <tt>truststoreType</tt> parameter. By default the type used matches the <tt>keystoreType</tt> parameter.<br />
<br />
{{Note|It is recommended to contact Support and engage the Edge Solutions team to help with the basic configuration and further customization that may be needed.}}</div>imported>Jason.nicholls