You can configure the server to authenticate users based on a client certificate
provided for TLS mutual authentication. The server's TLS settings, including what
certificates it will trust, are configured using the efm.security.ssl.*
prefixed properties in the efm.properties file.
-
Open the
efm.properties file.
The properties pertaining to TLS configuration are the
following:
efm.server.ssl.enabled=false
efm.server.ssl.keyStore=/path/to/keystore.jks
efm.server.ssl.keyStoreType=jks
efm.server.ssl.keyStorePassword=
efm.server.ssl.keyPassword=
efm.server.ssl.trustStore=/path/to/truststore.jks
efm.server.ssl.trustStoreType=jks
efm.server.ssl.trustStorePassword=
efm.server.ssl.clientAuth=WANT
-
Change
efm.security.user.certificate.enabled=false to
efm.security.user.certificate.enabled=true. -
Change
efm.server.ssl.clientAuth=WANT to
efm.server.ssl.clientAuth=NEED.
