My Oracle Support Banner

How To Use Openssl To Verify Mutual SSL Authentication For Tomcat Troubleshooting? (Doc ID 2419704.1)

Last updated on MAY 23, 2021

Applies to:

Siebel CRM - Version 17.0 [IP2017] and later
Information in this document applies to any platform.


Siebel IP2017 and higher implements SSL on the communication between application containers (Tomcat). This SSL communication requires a mutual SSL authentication.

Mutual SSL authentication or certificate based mutual authentication refers to two parties authenticating each other through verifying the provided digital certificate so that both parties are assured of the others' identity.

In the Siebel context, the Client can be the Application Interface communicating with the Cloud Gateway Server via the respective application containers (Tomcat), and vice-versa.
It would not be the client browser and Application Interface as this does not require certificate based mutual authentication.

See the flow below:

In order to help with the troubleshooting on the mutual SSL authentication use openssl utility with the extracted PEM files (X509 certificates).

openssl utility can be downloaded and used from cygwin, for example, if you are using Windows OS.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.