One-way and two-way SSL authentication
Configuring communication between an SSL server and client can use one-way or two-way SSL authentication. For example, the SSL client is the computer on which the IBM® Security Identity Manager Server is installed, and the SSL server is the IBM Security Directory Server.
One-way authentication creates a truststore on the client and a keystore on the server. In this example, CA certificate "A" exists in the truststore on the SSL client and also in the keystore on the SSL server.
![One-way SSL communication](../../common/images/ssloneway_generic.jpg)
Two-way authentication creates a truststore and a keystore on both the client and the server. In this example, there is a CA certificate "A" in the truststore and a CA certificate "B" in the keystore on both client and server.
![Two-way SSL communication](../../common/images/ssltwoway_generic.jpg)
For more information about configuring SSL communication between the IBM Security Identity Manager Server and an IBM Security Identity Manager adapter, see the installation and configuration guide for the adapter.