Author Archives: Bill Hudson

SSL: Troubleshooting a client-authentication issue

In my last blog post, “SSL: What is “two-way” authentication?” I gave an overview of the types of authentication involved in an SSL communication. Now I’d like to talk about a recent customer implementation that required SSL two-way authentication, an authentication issue that we encountered along the way and the troubleshooting that went into getting this issue resolved.

Customer Implementation
In this implementation project, our customer was going to be setting up EXTOL’s EBI application to communicate with a third-party electronic invoicing vendor. One of the requirements was that the communication with the vendor would be done over SSL using two-way authentication. Because EXTOL was doing the initial communications/connectivity implementation and setup on behalf of our customer, the vendor sent an electronic form for us to fill out. One of the main pieces of information that the vendor required was the IP address from which we would be communicating. This was important because the vendor specifically only allowed incoming communications through their firewall from approved/authorized IP addresses. Once that was set up, the vendor supplied us with a certificate that identified their server.  EBI was then configured to trust their server certificate, and that part of the setup was completed.

Continue reading

SSL: What is “two-way” authentication?

I was recently working on a project for a customer that involved setting up communications between EXTOL’s EBI product and a third-party electronic invoicing provider. At the outset of this project, looking over the communications requirements, most seemed very typical and straightforward. However, one of the requirements took things a step further: the SSL communication will include two-way authentication. Using two-way authentication in SSL is just becoming more prevalent as security issues are becoming a higher priority and security requirements are becoming increasingly more stringent.

Let’s start with an explanation of two-way authentication, which involves three things — SSL, server authentication and client authentication. Continue reading