
How to Use Mutual SSL with WSO2 Identity Server


1. Build the mutual-ssl-authenticator source code, available here: https://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/components/authenticators/mutual-ssl-authenticator/4.2.0/

2. Put the built jar in ‘wso2is-4.7.0\repository\components\dropins’.

3. Open the ‘wso2is-4.7.0\repository\conf\tomcat\catalina-server.xml’ file and set clientAuth="true" so that the server always expects two-way SSL authentication.

4. Extract the WSO2 public certificate from:

<IS_Home>/repository/resources/security/wso2carbon.jks

and add it to the client’s trust store:

<IS_Home>/repository/resources/security/client-truststore.jks

keytool -export -alias wso2carbon -file carbon_public2.crt -keystore wso2carbon.jks -storepass wso2carbon
keytool -import -trustcacerts -alias <Client_Alias> -file carbon_public2.crt -keystore client-truststore.jks -storepass wso2carbon

5. Start the server.

For Client:

6. Create a new SoapUI project using https://localhost:9443/services/RemoteUserStoreManagerService?wsdl

7. SSL setting for SOAP UI


8. Make a call to ‘isExistingUser’.

Make sure you add the SOAP header.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.um.carbon.wso2.org">
      <soapenv:Header>
        <m:UserName xmlns:m="http://mutualssl.carbon.wso2.org"
        soapenv:mustUnderstand="0">admin</m:UserName>
    </soapenv:Header>
   <soapenv:Body>
      <ser:isExistingUser>
         <!--Optional:-->
         <ser:userName>admin</ser:userName>
      </ser:isExistingUser>
   </soapenv:Body>
</soapenv:Envelope>


This test uses no password; the certificate (crt) is used for authentication.
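The same call as a script, added here as an example and not part of the original article: it builds the envelope with the mutual SSL UserName header, presents a client certificate, and verifies the server certificate. Assumptions: the PEM file names (keytool -export writes DER unless -rfc is given, so the server certificate is assumed converted to PEM), a client certificate the server already trusts, and the SOAPAction value, which should be checked against the WSDL.

```python
import http.client
import ssl
import xml.etree.ElementTree as ET

SOAPENV = "http://schemas.xmlsoap.org/soap/envelope/"
SER = "http://service.ws.um.carbon.wso2.org"
MUTUALSSL = "http://mutualssl.carbon.wso2.org"


def build_is_existing_user(asserted_user, lookup_user):
    """Build the isExistingUser envelope with the mutual-SSL UserName header."""
    for prefix, uri in (("soapenv", SOAPENV), ("ser", SER), ("m", MUTUALSSL)):
        ET.register_namespace(prefix, uri)
    env = ET.Element(f"{{{SOAPENV}}}Envelope")
    header = ET.SubElement(env, f"{{{SOAPENV}}}Header")
    user = ET.SubElement(header, f"{{{MUTUALSSL}}}UserName")
    user.set(f"{{{SOAPENV}}}mustUnderstand", "0")
    user.text = asserted_user  # ElementTree escapes markup in the value
    body = ET.SubElement(env, f"{{{SOAPENV}}}Body")
    call = ET.SubElement(body, f"{{{SER}}}isExistingUser")
    ET.SubElement(call, f"{{{SER}}}userName").text = lookup_user
    return ET.tostring(env, encoding="utf-8", xml_declaration=True)


def client_context(cert_pem, key_pem, server_ca_pem):
    """TLS context that presents a client certificate and verifies the server."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=server_ca_pem)
    ctx.load_cert_chain(certfile=cert_pem, keyfile=key_pem)
    return ctx


def is_existing_user(ctx, asserted_user, lookup_user, host="localhost", port=9443):
    """POST the request over mutual TLS; return (HTTP status, response body)."""
    conn = http.client.HTTPSConnection(host, port, context=ctx, timeout=10)
    try:
        conn.request("POST", "/services/RemoteUserStoreManagerService",
                     body=build_is_existing_user(asserted_user, lookup_user),
                     headers={"Content-Type": "text/xml; charset=utf-8",
                              "SOAPAction": "urn:isExistingUser"})  # assumed action
        resp = conn.getresponse()
        return resp.status, resp.read().decode("utf-8", "replace")
    finally:
        conn.close()


if __name__ == "__main__":
    # Assumed file names: PEM exports of the client key pair and the server certificate.
    ctx = client_context("client.crt.pem", "client.key.pem", "carbon_public2.pem")
    print(is_existing_user(ctx, "admin", "admin"))
```

With clientAuth="true" on the server, the TLS handshake fails before any SOAP processing if the client certificate is missing or not in the server's trust store.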


Published at DZone with permission of Madhuka Udantha, DZone MVB. See the original article here.
