Outbound web services mutual authentication

Mutual authentication establishes trust by exchanging Secure Sockets Layer (SSL) certificates.

Before connecting to a server, the client requests an SSL certificate. The server responds by requesting that the client send its own certificate. Both respond by validating the certificates of the other and sending acknowledgments before initiating an HTTPS connection. Mutual authentication is not available when making outbound web service calls through a MID Server.

As an administrator, you can enable mutual authentication by defining a protocol profile for connections that require mutual authentication. Protocol profiles allow you to associate a specific certificate record with a protocol, such as HTTPS.

For example, you can create a protocol profile called https for one-way SSL and another called myhttps with a certificate for mutual authentication. You can then make an HTTPS web service request by callingmyhttps://<externalendpoint.com> if the end point requires mutual authentication, or https://<externalendpoint.com> if it does not.

Note: This feature enables mutual authentication only on outbound HTTPS connections, such as SOAP, REST, or direct HTTPS calls. ServiceNow does not support mutual authentication for inbound requests or for outbound requests sent through a MID Server.