Configuring One-Way TLS Authentication
In the one-way TLS authentication mode, the plug-in authenticates the connected LDAP server. To use one-way TLS authentication, you have to configure a trust store.
- Procedure
- Create an LDAP connection in TIBCO Business Studio, as described in Creating an LDAP Connection.
- From the Authentication Mode list, select Simple to enable the one-way TLS authentication.
- In the
Identity Provider field, click
to select an Identity Provider resource to log in to the connected LDAP server.
See Creating an Identity Provider Resource to create an Identity Provider resource. - Select the Use TLS check box.
- In the
SSL Client Configuration field, click
to select an SSL client Configuration resource. If no SSL client configuration instance is available, click
Create Shared Resource to create one:
- In the
Create SslClientResource Resource Template dialog, specify the resource folder, package, and resource name. Click
Finish to create an SSL Client Provider resource.
The SSL Client Configuration editor is displayed.
Note: Select TLS as SSL protocol in SSL Client Configuration. The TLS 1.x version is dependent on the LDAP server side configuration - In the
Keystore Provider as Trust Store field, click
to select a Keystore Provider resource.
The selected Keystore Provider resource provides access to a trust store. The plug-in accesses the keystore to verify the identity of the connected LDAP server.
If no Keystore Provider resource is available, click Create Shared Resource to create one. See Creating a Keystore Provider Resource for more details.
- In the
Create SslClientResource Resource Template dialog, specify the resource folder, package, and resource name. Click
Finish to create an SSL Client Provider resource.
