Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

How to Use Mutual SSL with WSO2 Identity Server

DZone's Guide to

How to Use Mutual SSL with WSO2 Identity Server

· Integration Zone ·
Free Resource

The State of API Integration 2018: Get Cloud Elements’ report for the most comprehensive breakdown of the API integration industry’s past, present, and future.

1. Build mutual-ssl-authenticator soruce code on here. https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/components/authenticators/mutual-ssl-authenticator/4.2.0/

2. Build jar put it ‘wso2is-4.7.0\repository\components\dropins’

3. Open ‘wso2is-4.7.0\repository\conf\tomcat\catelina-server.xml’ file and set  clientAuth=”true” to make server to (always) expect two-way SSL authentication.

4. Extract WSO2 public certificate from:

<IS_Home>/repository/resources/security/wso2carbon.jks
Add it to client’s trust store:
<IS_Home>/repository/resources/security/client-truststore.jks.

keytool -export -alias wso2carbon -file carbon_public2.crt -keystore wso2carbon.jks -storepass wso2carbon
keytool -import -trustcacerts -alias <Client_Alias> -file carbon_public2.crt -keystore client-truststore.jks -storepass wso2carbon

5. Start the server.

For Client:

6. Create new SoapUI project using  https://localhost:9443/services/RemoteUserStoreManagerService?wsdl

7. SSL setting for SOAP UI

image

8. Make call for ‘isExistingUser’

Make sure you sure you add soup header.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.um.carbon.wso2.org">
      <soapenv:Header>
        <m:UserName xmlns:m="http://mutualssl.carbon.wso2.org"
        soapenv:mustUnderstand="0">admin</m:UserName>
    </soapenv:Header>
   <soapenv:Body>
      <ser:isExistingUser>
         <!--Optional:-->
         <ser:userName>admin</ser:userName>
      </ser:isExistingUser>
   </soapenv:Body>
</soapenv:Envelope>

image

Here is testing no password, used crt for aut.

Your API is not enough. Learn why (and how) leading SaaS providers are turning their products into platforms with API integration in the ebook, Build Platforms, Not Products from Cloud Elements.

Topics:

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}