Over a million developers have joined DZone.

How to Use Mutual SSL with WSO2 Identity Server

· Integration Zone

Build APIs from SQL and NoSQL or Salesforce data sources in seconds. Read the Creating REST APIs white paper, brought to you in partnership with CA Technologies.

1. Build mutual-ssl-authenticator soruce code on here. https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/components/authenticators/mutual-ssl-authenticator/4.2.0/

2. Build jar put it ‘wso2is-4.7.0\repository\components\dropins’

3. Open ‘wso2is-4.7.0\repository\conf\tomcat\catelina-server.xml’ file and set  clientAuth=”true” to make server to (always) expect two-way SSL authentication.

4. Extract WSO2 public certificate from:

Add it to client’s trust store:

keytool -export -alias wso2carbon -file carbon_public2.crt -keystore wso2carbon.jks -storepass wso2carbon
keytool -import -trustcacerts -alias <Client_Alias> -file carbon_public2.crt -keystore client-truststore.jks -storepass wso2carbon

5. Start the server.

For Client:

6. Create new SoapUI project using  https://localhost:9443/services/RemoteUserStoreManagerService?wsdl

7. SSL setting for SOAP UI


8. Make call for ‘isExistingUser’

Make sure you sure you add soup header.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.um.carbon.wso2.org">
        <m:UserName xmlns:m="http://mutualssl.carbon.wso2.org"


Here is testing no password, used crt for aut.

The Integration Zone is brought to you in partnership with CA Technologies.  Use CA Live API Creator to quickly create complete application backends, with secure APIs and robust application logic, in an easy to use interface.


Published at DZone with permission of Madhuka Udantha, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}