Configuring TLS for WebSphere eXtreme Scale Client for .NET

You can configure Transport Layer Security (TLS) for the WebSphere® eXtreme Scale Client for .NET.

Before you begin

You must have a keystore with the associated passwords that you want to add to the WebSphere eXtreme Scale Client for .NET configuration.
Configure data grid security for the .NET application. For more information, see Configuring data grid security for WebSphere eXtreme Scale Client for .NET.

Procedure

Optional: Using the keytool utility, extract the public certificate from the key.jks file that you configured for the server.
```
keytool -export -alias myalias -keystore key.jks -file public.cer -storepass password
```
Import this public key into the Windows Certificate store with the Certificate Management Tool, certmgr.msc, to import the key into the ‘Trusted Root Certification Authority’ or ‘Trusted People’ certificate folder. (The keyStore property in the client.properties file can point to this file)
Edit the Client.Net.properties file to include the following property values:
```
securityEnabled=true
credentialAuthentication=supported
authenticationRetryCount=3
credentialGeneratorAssembly=IBM.WebSphere.Caching.CredentialGenerator,Version=8.6.0.0,
Culture=neutral,PublicKeyToken=b439a24ee43b0816
credentialGeneratorProps=manager manager1
transportType=ssl-required
publicKeyFile=<name>.cer
```
The value of the credentialGeneratorProps property, manager manager1 is used as the user name and password values that are supplied to the server in the Credential object.
The publicKeyFile property is set as a relative path to the .NET run time. If the publicKeyFile property is not set, the Windows certificate store is searched for the public.cer file. If the publicKeyFile property is set, then the specified file is used for the SSL public certificate file. If the specified file cannot be found, the .NET client attempts to find a matching public.cer file in the certificate store.
Optional: Encode the value of the credentialGeneratorProps property.
To encode the property value, transfer your Client.Net.properties file to a computer with a Java-based WebSphere eXtreme Scale Client or server installation. Run the FilePasswordEncoder utility to encode the credentialGeneratorProps property:
```
FilePasswordEncoder.bat Client.Net.Properties credentialGeneratorProps
```
When you run this utility on a properties file, all comments within the file are deleted. For more information about the FilePasswordEncoder utility, see Storing security artifacts in stand-alone environments.
Copy the net_client_home\IBM.WebSphere.Caching.CredentialGenerator.dll to the net_client_home\sample\SimpleClient\bin\<ConfigurationName> directory
Build the sample with the ConfigurationName project context. Run the sample against your server.