Using 2 Way SSL in Web Service Communication
Mutual authentication, also called two-way authentication or 2WAY authentication, refers to both server and client authenticating each other in such a way that both are assured of each other's identity.
In two-way SSL, digital certificates represent the identities of the client and server. The two parties establish trust in each other by getting their certificates signed by a mutually trusted certificate authority. The process of exchanging certificates and setting up connection properties is called the Secure Sockets Layer (SSL) handshake.
The Adeptia Suite supports 2 way SSL when you are accessing or publishing any web service. You can configure 2 Way SSL at the level of each activity.
Configure 2 way SSL at Service Level in WS Consumer
When you want to access an SSL-enabled web service using the Web Service Consumer activity, perform the following tasks:
Create a Keystore and import your certificate into it.
Import the certificate of the server that you want to authenticate into the Adeptia Truststore.
For information on how to create a Keystore and Truststore and import a certificate into them, refer to Creating KeyStore and Truststore.
Create a security policy and select the Keystore and the Truststore within SSL Properties.
To know how to create a security policy, please refer to the Creating Security Policy Activity for Web Services section.
Use this security policy within the Web Service Consumer activity.
To know how to create a Web Service Consumer activity, please refer to the Creating Web Service Consumer Activity section.
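As an added illustration (plain Java JSSE, not Adeptia's own code), the client below shows what the Keystore and Truststore selected in the security policy each do during the handshake. The file names, the `changeit` passwords and the host `ws.example.com:8443` are placeholders.

```java
import javax.net.ssl.*;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;

public class TwoWaySslClient {

    // Load a keystore file using the JVM's default keystore type.
    static KeyStore load(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            ks.load(in, password);
        }
        return ks;
    }

    static SSLContext mutualTlsContext(String keystorePath, char[] keystorePass,
                                       String truststorePath, char[] truststorePass) throws Exception {
        // Keystore: our private key and certificate, presented when the
        // server requests a client certificate. Assumes the key password
        // is the same as the store password.
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(load(keystorePath, keystorePass), keystorePass);

        // Truststore: the certificates we accept when verifying the server.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(load(truststorePath, truststorePass));

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Placeholder paths, passwords and endpoint.
        SSLContext ctx = mutualTlsContext("client-keystore.jks", "changeit".toCharArray(),
                                          "truststore.jks", "changeit".toCharArray());
        try (SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket("ws.example.com", 8443)) {
            SSLParameters p = s.getSSLParameters();
            p.setEndpointIdentificationAlgorithm("HTTPS"); // also check the host name in the server certificate
            s.setSSLParameters(p);
            s.startHandshake(); // throws if either side rejects the other's certificate
            System.out.println("Server identity: " + s.getSession().getPeerPrincipal());
            // getLocalCertificates() is null when no client certificate was sent.
            System.out.println("Client certificate sent: " + (s.getSession().getLocalCertificates() != null));
        }
    }
}
```

If the last line prints `false`, the server did not request a client certificate and the connection is only one-way SSL.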
Configure 2 way SSL at Service Level in WS Provider
When you want to publish an SSL-enabled Web Service using the Web Service Provider activity, perform the following tasks:
Create a Keystore.
Import the certificates of the clients that you want to authenticate into the Adeptia Truststore.
For information on how to create a Keystore and Truststore and import a certificate into them, refer to Creating KeyStore and Truststore.
Add a connector SSLSelectChannelSelector for jetty.
To know how to add SSLSelectChannelSelector, please refer to the Adding SSLSelectChannelSelector for jetty section.
Now, to publish the Web Service through SSL, create a Web Service Provider activity. While creating the Web Service Provider activity, check the Enable SSL checkbox and select the Port which you have defined in the SslSelectChannelConnector (see Figure 348).
Figure 348: Create Web Service Provider with SSL Enabled