- Authentication enables the server and client to check that the other party is who it claims to be.
- Integrity ensures that a message sent by a client is received intact by the server, untampered.
- Encryption provides confidentiality by allowing only the intended recipient to read the message.
For more details, refer to http://docs.oracle.com/cd/E25054_01/core.1111/e10105/sslconfig.htm#autoId1
The picture below shows succinctly and clearly how an SSL session is conducted:
Two kinds of SSL options exist:
- One-way
- Two-way
These terms are often misleading when the source and destination are not stated. One-way usually refers to the source being able to call a secured service at the destination. Two-way means that, in addition to one-way, the destination can also consume the secured services at the source; the pictures below represent this better. Source: ibm.com
To configure two-way SSL on an Oracle SOA 11g Managed Server, the high-level steps are:
- Generate a public/private key pair in a Java identity keystore.
- Generate either
  - a self-signed certificate, or
  - a certificate signing request (CSR), and then get the certificate from the CA (refer to https://blogs.oracle.com/blogbypuneeth/entry/steps_to_create_a_csr)
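The two high-level steps above as keytool commands, added here as an example and not taken from the original post. The alias, file names, distinguished name and password are constructed placeholders.

```shell
#!/bin/sh
# Added example: every value below is a constructed placeholder.
ALIAS="soa_identity"                        # hypothetical key alias
KEYSTORE="soa_identity.jks"                 # hypothetical identity keystore file
DNAME="CN=soa-host.example.com, OU=SOA, O=Example, C=US"   # constructed subject
KS_PASS="${KS_PASS:-changeit-placeholder}"  # placeholder; supply a real secret

# Step 1: public/private key pair in a Java identity keystore (JKS).
# keytool wraps the new public key in a self-signed certificate by itself.
generate_keypair() {
    keytool -genkeypair -alias "$ALIAS" -keyalg RSA -keysize 2048 \
        -validity 365 -dname "$DNAME" \
        -keystore "$KEYSTORE" -storetype JKS \
        -storepass "$KS_PASS" -keypass "$KS_PASS"
}

# Step 2, option A: export that self-signed certificate in PEM form.
# Only the certificate leaves the keystore; the private key stays inside.
export_self_signed() {
    keytool -exportcert -rfc -alias "$ALIAS" -file "$1" \
        -keystore "$KEYSTORE" -storetype JKS -storepass "$KS_PASS"
}

# Step 2, option B: write a CSR for the same key pair, to be sent to the CA.
generate_csr() {
    keytool -certreq -alias "$ALIAS" -file "$1" \
        -keystore "$KEYSTORE" -storetype JKS -storepass "$KS_PASS"
}

# Runs only when invoked as: sh this_script.sh run
if [ "${1:-}" = "run" ]; then
    generate_keypair
    export_self_signed soa_selfsigned.pem
    generate_csr soa_identity.csr
    # Inspect the entry: owner, issuer, validity and fingerprints.
    keytool -list -v -alias "$ALIAS" -keystore "$KEYSTORE" \
        -storetype JKS -storepass "$KS_PASS"
fi
```

Passing `-storepass` on the command line exposes the password to the process list and shell history; leaving the option out makes keytool prompt for it instead.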
The detailed steps are covered in the references below:
- Reference to keytool: http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html
- More reference: Oracle Doc ID: 1109753.1