Web Services and SSL Certifications

15 pts.
License management
Web services
Hello All, I am working with vendor who offers SOAP based web services that I'm trying to use for my company.  The web services app/client that I'm builiding will reside on an IIS box, on our company network.  The web services require a cert for mutual SSL and another for TLS.  The vendor is requesting that I purchase the two certs for this and send the certs to them for installation.  I not familiar with how this all works and would like to better understand before I continue down the path of obtaining certs, configuring, etc. Specifically, I'd like to know if someone can assist in answering the following for me: 1)  Are these special certs that I need to purchase? 2)  What does the vendor do with the provided certs and what information should I expect to receive from them to ensure a secure handshake? 3)  Is the "mutual cert" something that I need to configure (e.g., install on the web server, convert to a file, etc.) I want to make sure I'm heading down the right path by understand all that needs to happen to form a secure connection with the vendor and what is being requested by them. Any insight you can offer up would be greatly appreciated! Thanks, SK

Software/Hardware used:
SOAP Web Services, HTTPS, ASP.NET, Win 03/IIS 6

Answer Wiki

Thanks. We'll let you know when a new response is added.

You do need to purchase these certificate from a certificate body there are plenty of companies who will supply them. This normally takes the form of generating Certificate Signing Request using tools like Open SSL or even IIS has a module/Wizard to create the CSRs You then send these to the Company that will create the certs.

I would have expected the company doing the hosting to do all the legwork for you and you just providing the details needed Authority to purchase etc.

The client certificates you woulds need to install into the Webrowsers on any machines expected to access the Web application.

Discuss This Question: 1  Reply

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Sk1021
    Hi AndyRLee, Unfortunately, the company won't offer up any free insight/guidance. I'm trying to avoid additional costs by doing all the legwork myself on this.
    15 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: