Below is my scenario what I am trying to do and wanted to know if anyone had thoughts on how I can achieve this -
I am trying to create a Gateway for my different web services and this gateway would perform the authentication using X509 certificates. We would be using client and service certs where we give the public key of our service cert to the client. Now when the
client connect to the service they would be passing their client cert and this public key of the service cert.
I wanted to check if we can validate the service cert passed by the client in the service using code?
Why I am trying to do this is when the certs expire not all clients are ready to change/ update them at the same time so I was thinking if I can configure my service to use 2 certs with different names so if a client is passing one or the other they are authorize
to access the service. So i.e. for a period of time we would have 2 service certs active at the same time and different clients can update the certs at different times.
I am not able to this today as I can specify only one cert thru config file to the service.
I would appreciate any help on this or any ideas to achieve this differently also would be helpful.