In my last blog post, “SSL: What is “two-way” authentication?” I gave an overview of the types of authentication involved in an SSL communication. Now I’d like to talk about a recent customer implementation that required SSL two-way authentication, an authentication issue that we encountered along the way and the troubleshooting that went into getting this issue resolved.
In this implementation project, our customer was going to be setting up EXTOL’s EBI application to communicate with a third-party electronic invoicing vendor. One of the requirements was that the communication with the vendor would be done over SSL using two-way authentication. Because EXTOL was doing the initial communications/connectivity implementation and setup on behalf of our customer, the vendor sent an electronic form for us to fill out. One of the main pieces of information that the vendor required was the IP address from which we would be communicating. This was important because the vendor specifically only allowed incoming communications through their firewall from approved/authorized IP addresses. Once that was set up, the vendor supplied us with a certificate that identified their server. EBI was then configured to trust their server certificate, and that part of the setup was completed.