You need to sign in to do that
Don't have an account?
Vik
2-Way SSL Mutual Auth
To integrate our application with Salesforce we have to do 2-Way Mutual Auth with Salesforce.
To make 2-Way mutual Auth work, Salesforce needs to import root-ca and intermediate-ca in their trust store. Is it possible for salesforce to do that?
Our organisation will not accept any other alternative when it comes to security but only 2-way mutual Auth.
Hi,
The Self-Signed certificates generated by Salesforce, are not linked to the Salesforce.com CA-Signed certificates that secure our servers. They are stand alone certificates.
If your external service does not accept a self-signed certificate, then you must generate a CA-Signed Certificate for use in Salesforce. Here are steps on how to do that:
1) Go to Setup -> Administrative Setup -> Security Controls -> Certificate and Key Management
2) Click New CA-Signed Certificate
3) Type 'Invoice Service Client Certificate' as label and 'invoice_service' as unique name
4) The values for Common Name, Email Address, Company, Department, City, State and Country Code are more or less dictated by who will be signing your certificate. If you want VeriSign to sign it, they have requirements that these values match your real identity.
Then you will need to have this certificate signed by a Certificate Authority.
1. Download a certificate signing request by clicking Download Certificate Signing Request on the certificate detail page.
2. Send this request (it will be a file) to a Certificate Authority to be sign.
3. They will return another file which you then upload into Salesforce by clicking Upload Signed Certificate.
Please let me know if this answers your question.
All Answers
Hi,
The Self-Signed certificates generated by Salesforce, are not linked to the Salesforce.com CA-Signed certificates that secure our servers. They are stand alone certificates.
If your external service does not accept a self-signed certificate, then you must generate a CA-Signed Certificate for use in Salesforce. Here are steps on how to do that:
1) Go to Setup -> Administrative Setup -> Security Controls -> Certificate and Key Management
2) Click New CA-Signed Certificate
3) Type 'Invoice Service Client Certificate' as label and 'invoice_service' as unique name
4) The values for Common Name, Email Address, Company, Department, City, State and Country Code are more or less dictated by who will be signing your certificate. If you want VeriSign to sign it, they have requirements that these values match your real identity.
Then you will need to have this certificate signed by a Certificate Authority.
1. Download a certificate signing request by clicking Download Certificate Signing Request on the certificate detail page.
2. Send this request (it will be a file) to a Certificate Authority to be sign.
3. They will return another file which you then upload into Salesforce by clicking Upload Signed Certificate.
Please let me know if this answers your question.
I'm also trying to set up a 2-Way SSL Authentication, but I'm not sure what I need to enter in the Common Name field.
Can I just enter someting like tickets.bcit.be or does it need to be something pointing to SFDC? And do I need to do something with tickets.bcit.be (DNS, redirect, ....).
Tips are more than welcome.
We have very same situation. Once we upload the signed certificate, how can we import webervice root.cer and other intermediate certificates?
Thanks for the help
Ya if anyown gets the answer to this let me know. Premiere support is worthless in this case I cannot get any help. In fact they flat out refused to help.