diff --git a/build/assembly.xml b/build/assembly.xml
index 33259bf894104ed94b84d23154341ab06ea1072e..79c7b94b1d84643745f3ef32c6f81f8d7f12b794 100644
--- a/build/assembly.xml
+++ b/build/assembly.xml
@@ -29,9 +29,9 @@
             <directory>${project.basedir}/src/main/resources/store</directory>
             <outputDirectory>/</outputDirectory>
             <includes>
-                <include>john_smith_xta_tester.p12</include>
+                <include>xta-test-client-john-smith_keystore.p12</include>
                 <include>xta-test-server_keystore.p12</include>
-                <include>xta-test-server_truststore.jks</include>
+                <include>xta-test_truststore.jks</include>
             </includes>
         </fileSet>
     </fileSets>
diff --git a/build/resources/application-local.yml b/build/resources/application-local.yml
index 56e45ef748a9d29da9da05035da9695d63df787a..49cc6e1cb8e602572d0aeb94cb74120e3e52ce4d 100644
--- a/build/resources/application-local.yml
+++ b/build/resources/application-local.yml
@@ -15,10 +15,10 @@ server:
     key-store-password: password
     key-store-type: pkcs12
     # Alias im KeyStore
-    key-alias: xta-test-application
+    key-alias: xta-test-server
     key-password: password
     # enthaelt alle vertrauenswuerdigen Zertifikate oder Oberzertifikate
-    trust-store: ./xta-test-server_truststore.jks
+    trust-store: ./xta-test_truststore.jks
     trust-store-password: password
     trust-store-type: JKS
     client-auth: want
diff --git a/doc/bedienungsanleitung.adoc b/doc/bedienungsanleitung.adoc
index aef7299b4da479ffc3f6d4fe139686b74291aa9f..5e1a1f07c056fd4124142e0b85c3ba38691ae0f0 100644
--- a/doc/bedienungsanleitung.adoc
+++ b/doc/bedienungsanleitung.adoc
@@ -214,8 +214,7 @@ Die WSDL-Datei ist immer unter der Adresse des Services mit dem Zusatz ?wsdl auf
 
 Für die Kommunikation mittels HTTPs ist ein Client-Zertifikat notwendig, um den Client gegenüber der Testumgebung zu authentifizieren. Innerhalb der ZIP-Dateien der Testumgebung sind bereits mehrere Zertifikate und Keystores hinterlegt, die für die Kommunikation mit der Testumgebung genutzt werden können:
 
-* john_smith_xta_tester.p12 - Dieser Keystore beinhaltet ein Client-Zertifikat, das für die Kommunikation mit der Testumgebung verwendet werden kann. Sofern die Testumgebung in der Standardkonfiguration gestartet wurde, stuft die Umgebung das Zertifikat als vertrauenswürdig ein.
-* jane_doe_xta_tester.p12 - Dieser Keystore beinhaltet ein Client-Zertifikat, das für die Kommunikation mit der Testumgebung verwendet werden kann. Sofern die Testumgebung in der Standardkonfiguration gestartet wurde, stuft die Umgebung das Zertifikat als vertrauenswürdig ein.
+* xta-test-client-john-smith_keystore.p12 - Dieser Keystore beinhaltet ein Client-Zertifikat, das für die Kommunikation mit der Testumgebung verwendet werden kann. Sofern die Testumgebung in der Standardkonfiguration gestartet wurde, stuft die Umgebung das Zertifikat als vertrauenswürdig ein.
 
 
 === Test mit SoapUI
diff --git a/pom.xml b/pom.xml
index 1d99389577fc817e64a2ee9dcad581d02fe298c6..6e5a224865618848d3f075e92cd005a20c5267a0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -406,6 +406,12 @@
 					<additionalProperties>
 						<wsdl.version>${wsdl.version}</wsdl.version>
 					</additionalProperties>
+					<image>
+						<env>
+							<HTTP_PROXY>${env.HTTP_PROXY}</HTTP_PROXY>
+							<HTTPS_PROXY>${env.HTTP_PROXY}</HTTPS_PROXY>
+						</env>
+					</image>
 				</configuration>
 				<executions>
 					<execution>
diff --git a/soapui/XTA-soapui-project.xml b/soapui/XTA-soapui-project.xml
index 2d192601d123889f5ce4e913c67821768cb54d30..4b43308389bb29ee99ec0ed0269a5b7d4f7a0e7d 100644
--- a/soapui/XTA-soapui-project.xml
+++ b/soapui/XTA-soapui-project.xml
@@ -3358,7 +3358,7 @@ eine Nachricht für die synchrone Weiterleitung übergeben wurde, die nur für d
       <xs:documentation>Diese Exception wird allgemein geworfen, wenn ein technisches Problem im XTA-WS aufgetreten ist. Sie kann z. B. durch ein Problem beim Zugriff auf die interne Datenbank des XTA-Servers ausgelöst worden sein.</xs:documentation>
     </xs:annotation>
   </xs:element>
-</xs:schema>]]></con:content><con:type>http://www.w3.org/2001/XMLSchema</con:type></con:part></con:definitionCache><con:endpoints><con:endpoint>http://localhost:8080/xta/ws</con:endpoint><con:endpoint>https://localhost:8443/MB_XTA-WS</con:endpoint><con:endpoint>https://localhost:8881</con:endpoint></con:endpoints><con:operation id="638fc8ad-4e98-4cf6-be0c-e2638749cfe3" isOneWay="false" action="http://www.xta.de/XTA/CancelMessage" name="cancelMessage" bindingOperationName="cancelMessage" type="Request-Response" inputName="" receivesAttachments="false" sendsAttachments="false" anonymous="optional"><con:settings/><con:call id="9e166713-c453-4f91-b18b-81229ae9f636" name="CancelMessage" sslKeystore="john_smith_xta_tester.p12" useWsAddressing="true"><con:settings><con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers">&lt;xml-fragment/></con:setting><con:setting id="WsdlSettings@enable-mtom">true</con:setting><con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@force_mtom">true</con:setting></con:settings><con:encoding>UTF-8</con:encoding><con:endpoint>https://localhost:8443/MB_XTA-WS/XTA210managementPort.svc</con:endpoint><con:request><![CDATA[<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:tran="http://www.osci.eu/ws/2014/10/transport" xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:add="http://www.w3.org/2005/08/addressing">\r
+</xs:schema>]]></con:content><con:type>http://www.w3.org/2001/XMLSchema</con:type></con:part></con:definitionCache><con:endpoints><con:endpoint>http://localhost:8080/xta/ws</con:endpoint><con:endpoint>https://localhost:8443/MB_XTA-WS</con:endpoint><con:endpoint>https://localhost:8881</con:endpoint></con:endpoints><con:operation id="638fc8ad-4e98-4cf6-be0c-e2638749cfe3" isOneWay="false" action="http://www.xta.de/XTA/CancelMessage" name="cancelMessage" bindingOperationName="cancelMessage" type="Request-Response" inputName="" receivesAttachments="false" sendsAttachments="false" anonymous="optional"><con:settings/><con:call id="9e166713-c453-4f91-b18b-81229ae9f636" name="CancelMessage" sslKeystore="xta-test-client-john-smith_keystore.p12" useWsAddressing="true"><con:settings><con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers">&lt;xml-fragment/></con:setting><con:setting id="WsdlSettings@enable-mtom">true</con:setting><con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@force_mtom">true</con:setting></con:settings><con:encoding>UTF-8</con:encoding><con:endpoint>https://localhost:8443/MB_XTA-WS/XTA210managementPort.svc</con:endpoint><con:request><![CDATA[<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:tran="http://www.osci.eu/ws/2014/10/transport" xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:add="http://www.w3.org/2005/08/addressing">\r
    <soap:Header>\r
       <tran:Author>\r
          <tran:Identifier type="xoev" name="SoapUI" category="dbs:testumgebung">?</tran:Identifier>
@@ -3368,7 +3368,7 @@ eine Nachricht für die synchrone Weiterleitung übergeben wurde, die nur für d
    <soap:Body>\r
       <add:MessageID>urn:de:xta:messageid:xta-tester:b9f971c1-133e-4c33-91da-117a668f4343</add:MessageID>\r
    </soap:Body>\r
-</soap:Envelope>]]></con:request><con:credentials><con:authType>No Authorization</con:authType></con:credentials><con:jmsConfig JMSDeliveryMode="PERSISTENT"/><con:jmsPropertyConfig/><con:wsaConfig mustUnderstand="NONE" version="200508" action="http://www.xta.de/XTA/CancelMessage" addDefaultAction="true" addDefaultTo="true" generateMessageId="true"/><con:wsrmConfig version="1.2"/></con:call></con:operation><con:operation id="ed63891c-c43a-4476-8208-f37771b9a239" isOneWay="false" action="http://www.xta.de/XTA/CheckAccountActive" name="checkAccountActive" bindingOperationName="checkAccountActive" type="Request-Response" inputName="" receivesAttachments="false" sendsAttachments="false" anonymous="optional"><con:settings/><con:call id="246c0286-5928-43a6-ab33-56b93f9308b3" name="CheckAccountActive" sslKeystore="john_smith_xta_tester.p12" useWsAddressing="true"><con:settings><con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers">&lt;xml-fragment/></con:setting><con:setting id="WsdlSettings@enable-mtom">true</con:setting><con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@force_mtom">true</con:setting></con:settings><con:encoding>UTF-8</con:encoding><con:endpoint>https://localhost:9443/MB_XTA-WS/XTA210managementPort.svc</con:endpoint><con:request><![CDATA[<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:tran="http://www.osci.eu/ws/2014/10/transport" xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">\r
+</soap:Envelope>]]></con:request><con:credentials><con:authType>No Authorization</con:authType></con:credentials><con:jmsConfig JMSDeliveryMode="PERSISTENT"/><con:jmsPropertyConfig/><con:wsaConfig mustUnderstand="NONE" version="200508" action="http://www.xta.de/XTA/CancelMessage" addDefaultAction="true" addDefaultTo="true" generateMessageId="true"/><con:wsrmConfig version="1.2"/></con:call></con:operation><con:operation id="ed63891c-c43a-4476-8208-f37771b9a239" isOneWay="false" action="http://www.xta.de/XTA/CheckAccountActive" name="checkAccountActive" bindingOperationName="checkAccountActive" type="Request-Response" inputName="" receivesAttachments="false" sendsAttachments="false" anonymous="optional"><con:settings/><con:call id="246c0286-5928-43a6-ab33-56b93f9308b3" name="CheckAccountActive" sslKeystore="xta-test-client-john-smith_keystore.p12" useWsAddressing="true"><con:settings><con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@request-headers">&lt;xml-fragment/></con:setting><con:setting id="WsdlSettings@enable-mtom">true</con:setting><con:setting id="com.eviware.soapui.impl.wsdl.WsdlRequest@force_mtom">true</con:setting></con:settings><con:encoding>UTF-8</con:encoding><con:endpoint>https://localhost:9443/MB_XTA-WS/XTA210managementPort.svc</con:endpoint><con:request><![CDATA[<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:tran="http://www.osci.eu/ws/2014/10/transport" xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">\r
    <soap:Header>\r
       <tran:Author>\r
          <tran:Identifier type="xoev" name="SoapUI" category="dbs:testumgebung">?</tran:Identifier>\r
@@ -10846,4 +10846,4 @@ if (action[0..1] == "\\\"") {
          </ns:ContentContainer>
       </ns:GenericContentContainer>
    </soapenv:Body>
-</soapenv:Envelope>]]></con:responseContent><con:wsaConfig mustUnderstand="NONE" version="200508" action="http://www.osci.eu/ws/2008/05/transport/urn/messageTypes/MsgBoxFetchRequest"/></con:response><con:dispatchConfig/></con:mockOperation></con:mockService><con:properties/><con:afterLoadScript/><con:wssContainer><con:crypto><con:source>../src/main/resources/store/john_smith_xta_tester.p12</con:source><con:password>password</con:password><con:type>KEYSTORE</con:type></con:crypto><con:crypto><con:source>../src/main/resources/store/xta-test-server_keystore.p12</con:source><con:password>password</con:password><con:type>TRUSTSTORE</con:type></con:crypto></con:wssContainer><con:oAuth2ProfileContainer/><con:oAuth1ProfileContainer/><con:sensitiveInformation/></con:soapui-project>
\ No newline at end of file
+</soapenv:Envelope>]]></con:responseContent><con:wsaConfig mustUnderstand="NONE" version="200508" action="http://www.osci.eu/ws/2008/05/transport/urn/messageTypes/MsgBoxFetchRequest"/></con:response><con:dispatchConfig/></con:mockOperation></con:mockService><con:properties/><con:afterLoadScript/><con:wssContainer><con:crypto><con:source>../src/main/resources/store/xta-test-client-john-smith_keystore.p12</con:source><con:password>password</con:password><con:type>KEYSTORE</con:type></con:crypto><con:crypto><con:source>../src/main/resources/store/xta-test-server_keystore.p12</con:source><con:password>password</con:password><con:type>TRUSTSTORE</con:type></con:crypto></con:wssContainer><con:oAuth2ProfileContainer/><con:oAuth1ProfileContainer/><con:sensitiveInformation/></con:soapui-project>
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index abdee8f2198526d7b8783fa3023dc61194cad49b..8a3a8ab41f0cd4154502e7f44c5cd65867fe30e1 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -17,10 +17,10 @@ server:
     key-store-password: password
     key-store-type: pkcs12
     # Alias im KeyStore
-    key-alias: xta-test-application
+    key-alias: xta-test-server
     key-password: password
     # enthaelt alle vertrauenswuerdigen Zertifikate
-    trust-store: classpath:store/xta-test-server_truststore.jks
+    trust-store: classpath:store/xta-test_truststore.jks
     trust-store-password: password
     trust-store-type: JKS
     # want, need, none; see org.springframework.boot.web.server.ClientAuth
diff --git a/src/main/resources/store/.gitignore b/src/main/resources/store/.gitignore
new file mode 100644
index 0000000000000000000000000000000000000000..e1980119d66205dfba5f0d5be03b86376bb7c839
--- /dev/null
+++ b/src/main/resources/store/.gitignore
@@ -0,0 +1,4 @@
+*.crt
+*.csr
+*.key
+*.slr
\ No newline at end of file
diff --git a/src/main/resources/store/ca-openssl.cnf b/src/main/resources/store/ca-openssl.cnf
new file mode 100644
index 0000000000000000000000000000000000000000..63ba8d8f5de6d40496a6545b094732048b555cf3
--- /dev/null
+++ b/src/main/resources/store/ca-openssl.cnf
@@ -0,0 +1,23 @@
+[req]
+default_bits       = 2048
+distinguished_name = req_distinguished_name
+req_extensions     = v3_ca
+prompt             = no
+
+[req_distinguished_name]
+C  = DE
+ST = XTATestState
+L  = XTATestCity
+O  = XTATestOrg
+OU = XTATestOrgUnit
+CN = XTA Test Root CA
+
+[ v3_ca ]
+# Basic Constraints
+basicConstraints = critical, CA:true, pathlen:0
+
+# Key Usage
+keyUsage = critical, digitalSignature, keyCertSign, cRLSign
+
+# Netscape Cert Type
+nsCertType = sslCA
\ No newline at end of file
diff --git a/src/main/resources/store/client-openssl.cnf b/src/main/resources/store/client-openssl.cnf
new file mode 100644
index 0000000000000000000000000000000000000000..2914eaa2893cfcb394c825e30394294f22466d79
--- /dev/null
+++ b/src/main/resources/store/client-openssl.cnf
@@ -0,0 +1,20 @@
+[ req ]
+default_bits       = 2048
+distinguished_name = req_distinguished_name
+req_extensions     = req_ext
+prompt             = no
+
+[ req_distinguished_name ]
+C  = DE
+ST = XTACity
+L  = XTACountry
+O  = XTAOrg
+OU = XTAOrgUnit
+CN = XTA Test Client
+
+[ req_ext ]
+authorityKeyIdentifier=keyid,issuer
+keyUsage = critical, digitalSignature, keyEncipherment, dataEncipherment, keyAgreement
+extendedKeyUsage = clientAuth
+basicConstraints=CA:FALSE
+nsCertType = client
\ No newline at end of file
diff --git a/src/main/resources/store/generate.sh b/src/main/resources/store/generate.sh
new file mode 100755
index 0000000000000000000000000000000000000000..5906a971e08e0a30faab5ed083c30c6f4ab71de0
--- /dev/null
+++ b/src/main/resources/store/generate.sh
@@ -0,0 +1,52 @@
+#!/bin/bash
+
+set -e
+
+STORE_PASS=password
+ISSUER_ALIAS=xta-test-root-ca
+TRUST_STORE_JKS=xta-test_truststore.jks
+
+if [ ! -f $ISSUER_ALIAS.key ] || [ ! -f $ISSUER_ALIAS.crt ]; then
+  rm $TRUST_STORE_JKS || true
+  echo "[1.0] Generate key for the Xta-Root-CA (Root CA key or crt not found)"
+  openssl genrsa -out $ISSUER_ALIAS.key 2048
+  echo "[1.1] Generate a self-signed certificate for the Xta-Root-CA"
+  openssl req -x509 -new -nodes -key $ISSUER_ALIAS.key -sha256 -days 4000 -out $ISSUER_ALIAS.crt -config ca-openssl.cnf -extensions v3_ca
+else
+  echo "[1.0] Root CA found. Skipping generation."
+fi
+
+if [ ! -f $TRUST_STORE_JKS ]; then
+  echo "[2.0] Import Root CA into Xta-Server-Truststore"
+  keytool -importcert -alias $ISSUER_ALIAS -keystore $TRUST_STORE_JKS -storetype JKS -storepass "$STORE_PASS" -file $ISSUER_ALIAS.crt -noprompt
+else
+  echo "[2.0] Xta-Server-Truststore found. Skipping generation."
+fi
+
+function generate_keystore_with_signed_certificate {
+  local step_num="$1"
+  local key_alias="$2"
+  local key_cn="$3"
+  local ext_config_file="$4"
+  local keystore_args=( -keystore "${key_alias}_keystore.p12" -storepass "$STORE_PASS" -storetype PKCS12 )
+  rm "$key_alias"_keystore.p12 || true
+  echo "[$step_num.0] Generate a keystore for $key_cn"
+  keytool -genkeypair "${keystore_args[@]}" -alias "$key_alias" -keyalg RSA -keysize 2048 -validity 3900 -dname "CN=$key_cn, OU=XtaTestOrgUnit, O=XtaTestOrg, L=XtaTestCity, S=XtaTestState, C=DE"
+  keytool -importcert "${keystore_args[@]}" -alias $ISSUER_ALIAS -file $ISSUER_ALIAS.crt -noprompt
+
+  echo "[$step_num.1] Generate a certificate signing request for $key_cn"
+  keytool -certreq "${keystore_args[@]}" -alias "$key_alias" -file "$key_alias.csr"
+
+  echo "[$step_num.2] Sign the certificate with the Root CA using $ext_config_file"
+  openssl x509 -req -in "$key_alias.csr" -out "$key_alias.crt" -CA $ISSUER_ALIAS.crt -CAkey $ISSUER_ALIAS.key -CAcreateserial -days 3900 -sha256 -extfile "$ext_config_file" -extensions req_ext
+  rm "$key_alias.csr" || true
+
+  echo "[$step_num.3] Import the signed certificate into the keystore with alias $key_alias"
+  keytool -importcert "${keystore_args[@]}" -alias "$key_alias" -file "$key_alias.crt" -noprompt
+  rm "$key_alias.crt" || true
+  keytool -delete "${keystore_args[@]}" -alias $ISSUER_ALIAS -noprompt
+}
+
+generate_keystore_with_signed_certificate "3" xta-test-server "XTA Test Server" server-openssl.cnf
+generate_keystore_with_signed_certificate "4" xta-test-client-john-smith "XTA Test Client John Smith" client-openssl.cnf
+generate_keystore_with_signed_certificate "5" xta-test-client-jane-doe "XTA Test Client Jane Doe" client-openssl.cnf
\ No newline at end of file
diff --git a/src/main/resources/store/jane_doe_xta_tester.p12 b/src/main/resources/store/jane_doe_xta_tester.p12
deleted file mode 100644
index f745dc02ab3dc0e9bb25a83ee0e9542ad3851c65..0000000000000000000000000000000000000000
Binary files a/src/main/resources/store/jane_doe_xta_tester.p12 and /dev/null differ
diff --git a/src/main/resources/store/john_smith_xta_tester.p12 b/src/main/resources/store/john_smith_xta_tester.p12
deleted file mode 100644
index a727395694185315016bfccc2fd42e17749e4592..0000000000000000000000000000000000000000
Binary files a/src/main/resources/store/john_smith_xta_tester.p12 and /dev/null differ
diff --git a/src/main/resources/store/server-openssl.cnf b/src/main/resources/store/server-openssl.cnf
new file mode 100644
index 0000000000000000000000000000000000000000..7b1a0f2c6b8c0fe32e9dc03e2aac2c1d3f73b599
--- /dev/null
+++ b/src/main/resources/store/server-openssl.cnf
@@ -0,0 +1,25 @@
+[req]
+default_bits       = 2048
+distinguished_name = req_distinguished_name
+req_extensions     = req_ext
+prompt             = no
+
+[req_distinguished_name]
+C  = YourCountry
+ST = YourState
+L  = YourCity
+O  = YourOrg
+OU = YourOrgUnit
+CN = your.server.com
+
+[req_ext]
+subjectAltName = @alt_names
+keyUsage = critical, digitalSignature, nonRepudiation, keyEncipherment, keyAgreement
+extendedKeyUsage = serverAuth
+basicConstraints = CA:FALSE
+subjectKeyIdentifier = hash
+
+[alt_names]
+DNS.1 = localhost
+IP.1  = 127.0.0.1
+DNS.2 = docker
\ No newline at end of file
diff --git a/src/main/resources/store/show_certs.sh b/src/main/resources/store/show_certs.sh
new file mode 100755
index 0000000000000000000000000000000000000000..3cc8bbb9488fa502c51d3939c235a7c5a7647956
--- /dev/null
+++ b/src/main/resources/store/show_certs.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+set -e
+
+ISSUER_ALIAS=xta-test-root-ca
+STORE_PASS=password
+
+function show_cert_by_alias {
+  local key_alias="$1"
+  keytool -exportcert -alias "$key_alias" -keystore "${key_alias}_keystore.p12" -file "${key_alias}.crt" -storepass "$STORE_PASS"
+  openssl x509 -in "${key_alias}.crt" -text -noout
+  rm "${key_alias}.crt" || true
+}
+
+openssl x509 -in "${ISSUER_ALIAS}.crt" -text -noout
+
+show_cert_by_alias xta-test-server
+show_cert_by_alias xta-test-client-john-smith
+
diff --git a/src/main/resources/store/xta-test-client-jane-doe_keystore.p12 b/src/main/resources/store/xta-test-client-jane-doe_keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..0c0a1b20ac2922debfbbb7d973ddcdf6ecf068fc
Binary files /dev/null and b/src/main/resources/store/xta-test-client-jane-doe_keystore.p12 differ
diff --git a/src/main/resources/store/xta-test-client-john-smith_keystore.p12 b/src/main/resources/store/xta-test-client-john-smith_keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..dab946317cc45fd93bf87b573e959fa86c0c1afa
Binary files /dev/null and b/src/main/resources/store/xta-test-client-john-smith_keystore.p12 differ
diff --git a/src/main/resources/store/xta-test-server_keystore.p12 b/src/main/resources/store/xta-test-server_keystore.p12
index da0a1928782d51ed779ccdd59f8fa0e55db88834..b8937afa04dd5fa9322ac86830f990bbe4ec6f48 100644
Binary files a/src/main/resources/store/xta-test-server_keystore.p12 and b/src/main/resources/store/xta-test-server_keystore.p12 differ
diff --git a/src/main/resources/store/xta-test-server_truststore.jks b/src/main/resources/store/xta-test-server_truststore.jks
deleted file mode 100644
index 0935b1e776a77b5caa7e8cfc4a6a02a9881d03b7..0000000000000000000000000000000000000000
Binary files a/src/main/resources/store/xta-test-server_truststore.jks and /dev/null differ
diff --git a/src/main/resources/store/xta-test_truststore.jks b/src/main/resources/store/xta-test_truststore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..d3d62904abc6726da06f54b5cd083406e15d5444
Binary files /dev/null and b/src/main/resources/store/xta-test_truststore.jks differ
diff --git a/src/test/resources/application.yml b/src/test/resources/application.yml
index 3b93649c12db7fe0c15b08331ed4073608be207c..bec9257f4fbbfca804fb88b4821db63d7fad0528 100644
--- a/src/test/resources/application.yml
+++ b/src/test/resources/application.yml
@@ -10,10 +10,10 @@ server:
     key-store-password: password
     key-store-type: pkcs12
     # Alias im KeyStore
-    key-alias: xta-test-application
+    key-alias: xta-test-server
     key-password: password
     # enthaelt alle vertrauenswuerdigen Zertifikate
-    trust-store: classpath:store/xta-test-server_truststore.jks
+    trust-store: classpath:store/xta-test_truststore.jks
     trust-store-password: password
     trust-store-type: JKS
     # want, need, none; see org.springframework.boot.web.server.ClientAuth